Security briefing: November 2025

This Sysdig Threat Research Team monthly wrap-up highlights several high-impact November incidents: three runc container escape CVEs affecting many platforms, active exploitation of a long-standing Linux kernel vulnerability (CVE-2024-1086) in ransomware campaigns, the resurgence of the Shai-Hulud worm that compromised hundreds to thousands of npm packages and leaked credentials, plus major breaches (SitusAMC, Coupang) and a Microsoft zero-day; Sysdig published technical analyses, detections, and mitigation guidance for customers.