Security briefing: November 2025

Sysdig’s November threat roundup highlights several high-risk, actively exploited issues: multiple runc container escape CVEs affecting many platforms, a decade-old Linux kernel vulnerability (CVE-2024-1086) confirmed as exploited in ransomware campaigns, the return and expansion of the Shai-Hulud worm affecting hundreds–thousands of npm packages and leaking credentials, large data breaches including Coupang (33.7M accounts) and a financial supply-chain incident at SitusAMC, plus a Microsoft Windows kernel zero-day being actively exploited. The report details Sysdig’s published technical analyses and detection rules and urges immediate patching, package cleanup, credential rotation, and proactive threat hunting.