THE weekly recap highlights a blend of threats extending beyond traditional malware, with AISURU/Kimwolf’s 31.4 Tbps DDoS attack peak in November 2025 lasting 35 seconds, a record attributed to Cloudflare. It also notes Notepad++ update infrastructure was breached between June and October 2025, with attackers maintaining access and routing update traffic to malicious servers until at least 2 December 2025, and the operation linked to a threat actor known as Lotus Blossom.
The piece draws attention to OpenClaw’s expanding ecosystem risks, including prompts injections and unauthorised access routes, and cites that malicious OpenClaw gateways were exposed on port 18789. It further reports on other security news such as a DockerDash RCE in Docker’s AI assistant, and Microsoft’s scanner for backdoors in open-weight LLMs, both framed as part of a broader shift to zero-trust and AI-enabled threats.
The Top News items are accompanied by CVE roundups and other industry analyses, painting a picture of threat actors increasingly targeting trusted platforms, supply chains, and automated workflows.