This is today’s cyber news for November 13th, 2025. In this episode you’ll hear how a state-aligned group is abusing Cisco and Citrix identity platforms as quiet beachheads, while a fresh Windows kernel zero-day turns small footholds into full-system compromise if left unpatched. We also cover Google’s lawsuit against the Lighthouse phishing service that fueled massive toll-payment scams, a streamlined Microsoft 365 redirection campaign driving global account takeovers, and the United Kingdom’s proposed Cyber Security and Resilience Bill that would push hospitals, utilities, and transport operators toward tougher baseline controls.

You’ll then move into the defender’s trench with a revived DanaBot banking trojan, WinRAR exploits aimed at South Asian governments, and new flaws in GitHub Copilot and Visual Studio that raise software supply chain questions. The brief closes with Windows 11’s growing passkey support through major password managers and a sprawling travel-brand phishing wave that uses thousands of fake domains to skim card data. It is a fast, focused rundown for leaders, defenders, and builders, with a daily feed of past episodes available at DailyCyber.news.