Svoboda Cybersecurity Brief November 10, 2025
Manassas City Public Schools closed due to cyberattack
Manassas City Public Schools (MCPS) closed all schools on November 10, 2025, due to a cybersecurity incident causing connectivity disruptions and phone outages. Superintendent Dr. Kevin Newman stated the closure was precautionary, though campuses were not at physical risk.
Source: DataBreaches
San Joaquin Superior Court confirms data breach exposing sensitive info
The Superior Court of California, San Joaquin County, disclosed a 2024 breach where an unauthorized actor accessed sensitive data, including SSNs, driver’s licenses, and credit card numbers. The court is offering credit monitoring, but the scope of impacted individuals remains unclear. The breach occurred between October 25–30, 2024, coinciding with earlier connectivity issues.
Source: DataBreaches
Critical runC vulnerabilities enable Docker container escapes
Three flaws in runC (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881) allow attackers to escape containers and gain root access to the host system via symlink manipulation and /proc file abuse. Exploits require custom mount configurations, but fixes are available in runC versions 1.2.8, 1.3.3, and later.
Impact: Host system compromise via container breakout.
Mitigation: Update runC, use rootless containers, or enable user namespace isolation.
Source: BleepingComputer
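Added example, not part of the original brief or of the runC project: a shell check that classifies a runC version against the fixed releases named above (1.2.8 and 1.3.3). The function names and the handling of other versions (branches older than 1.2 counted as unfixed, newer branches as fixed, pre-release builds as unknown) are assumptions of this example, and the sample output is constructed.

```shell
#!/bin/sh
# Added example: classify a runC version against the fixed releases named in
# the brief (1.2.8 and 1.3.3). Prints: fixed | vulnerable | unknown.
runc_fix_status() {
    ver=$1
    core=${ver%%[-+]*}                 # strip pre-release/build suffix
    case $core in ''|*[!0-9.]*) echo unknown; return 0 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $core                       # split MAJOR.MINOR.PATCH
    IFS=$old_ifs
    if [ $# -ne 3 ] || [ -z "$1" ] || [ -z "$2" ] || [ -z "$3" ]; then
        echo unknown; return 0
    fi
    major=$1 minor=$2 patch=$3
    if [ "$major" -lt 1 ] || { [ "$major" -eq 1 ] && [ "$minor" -lt 2 ]; }; then
        # Assumption: branches older than 1.2 have no fixed release.
        status=vulnerable
    elif [ "$major" -eq 1 ] && [ "$minor" -eq 2 ]; then
        if [ "$patch" -ge 8 ]; then status=fixed; else status=vulnerable; fi
    elif [ "$major" -eq 1 ] && [ "$minor" -eq 3 ]; then
        if [ "$patch" -ge 3 ]; then status=fixed; else status=vulnerable; fi
    else
        # Assumption: "and later" covers every newer release branch.
        status=fixed
    fi
    # A pre-release of a fixed version may predate the fix; do not vouch for it.
    if [ "$status" = fixed ] && [ "$core" != "$ver" ]; then status=unknown; fi
    echo "$status"
}

# Extract the version from `runc --version` output ("runc version X.Y.Z").
runc_version_from_output() {
    printf '%s\n' "$1" | awk '/^runc version /{print $3; exit}'
}

# Constructed sample output, so the script runs without runC installed.
sample='runc version 1.2.6
commit: 0000000 (constructed)
spec: 1.2.0'
v=$(runc_version_from_output "$sample")
echo "sample: runc $v -> $(runc_fix_status "$v")"

# Check the local binary when one is present.
if command -v runc >/dev/null 2>&1; then
    v=$(runc_version_from_output "$(runc --version 2>/dev/null)")
    echo "local: runc ${v:-?} -> $(runc_fix_status "$v")"
fi
```

Container engines often ship their own runC binary, so run the check against the binary the engine actually invokes rather than only the one on PATH.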
Phishing scam targets lost iPhone users via fake “Find My” messages
The Swiss NCSC warns of smishing attacks impersonating Apple’s Find My service, directing victims to phishing sites stealing Apple ID credentials. Messages include device details (e.g., model, color) extracted from locked phones to appear legitimate. Attackers aim to disable Activation Lock for resale.
Impact: Apple account takeover and device theft.
Mitigation: Avoid clicking unsolicited links, enable Lost Mode, and use SIM PINs.
Source: BleepingComputer
US considers ban on TP-Link routers over China-linked security concerns
The US government plans to block TP-Link router sales, citing potential Chinese influence and past exploitation by state-backed hackers (e.g., “Camaro Dragon” firmware implants). TP-Link denies risks, but competitors also face scrutiny for insecure default configurations.
Source: KrebsOnSecurity