This is today’s cyber news for November 28th, 2025. Today’s brief opens with millions of phones still following abandoned calendar links that attackers can quietly reclaim, turning old sync feeds into tracking and phishing channels. We move through an analytics vendor breach exposing OpenAI developer account details, a ransomware hit on Asahi affecting operations and data on around two million people, and twin campaigns that poison npm packages and GitHub Actions to steal secrets and threaten destructive wipes. A major Korean service provider breach spilling into financial firms rounds out the core supply-chain and data exposure stories.

Listeners will also hear how firmware flaws in Nvidia DGX Spark systems, insecure Asus AiCloud routers, and risky Entra login scripts widen the technical edges of today’s attack surface. The brief covers third-party SaaS access via Gainsight and Salesforce, NetSupport based espionage against Central Asian banks and ministries, and a teen-led hacking crew alongside an open AI toolkit, KawaiiGPT, that lowers the bar for convincing attacks. It is designed for leaders, defenders, and builders who need clear stakes, business impact, and simple signals to watch, with a narrated feed available at DailyCyber.news.