Risky Bulletin: Another Chinese Security Firm Has Its Data Leaked
Risky Business Podcast • November 11, 2025
Prepared by Catalin Cimpanu, read by Claire Aird
Episode Overview
This episode of Risky Bulletin, presented by Claire Aird, covers the latest developments in global cybersecurity. Main stories include a major data leak from Chinese security firm Knownsec, an ongoing breach at the U.S. Congressional Budget Office, legislative updates to key cybersecurity laws, and broader impacts of recent cyberattacks on corporations and economies around the world. The episode delivers concise, authoritative updates suitable for information security professionals and those interested in high-impact cybersecurity news.
Key Discussion Points and Insights
1. Major Data Leak at Chinese Security Firm Knownsec
[00:17]
- Knownsec, a Chinese cybersecurity firm backed by Tencent, suffered a significant leak of more than 12,000 internal documents.
- Leaked files include: details about contracts with the Chinese government, descriptions of hacking tools, and a list of past targets.
- Knownsec is recognized in the West for the ZoomEye IoT search engine.
- The leak echoes last year's breach at another Chinese firm, i-Soon.
"The leaked files contain details about contracts with the Chinese government, hacking tools and a list of previous targets." (Claire Aird, 00:27)
2. U.S. Congressional Budget Office Breach Continues
[01:03]
- Breach at the Congressional Budget Office (CBO) has not yet been contained.
- Guidance issued: Workers at other federal agencies told to avoid digital communication with CBO staff—including email, Zoom, Microsoft Teams.
"Workers at other federal agencies have been told to avoid communicating digitally with CBO staff. This includes email, Zoom and Microsoft Teams." (Claire Aird, 01:12)
3. Extension of the Cybersecurity Information Sharing Act
[01:24]
- The Cybersecurity Information Sharing Act of 2015 expired in late September.
- Legislation to end the government shutdown includes a provision extending the Act until January 30.
- Passed the Senate on Sunday; expected to clear the House this week.
4. Iranian Hacktivists Leak Australian Military Schematics
[01:40]
- Cyber Toufan, an Iranian hacktivist group, leaked confidential schematics for Australia’s Redback Infantry Fighting Vehicles.
- The files were stolen from Maya Technologies, an Israeli firm working on some vehicle components.
- Files published on the group’s Telegram channel.
5. Jaguar Land Rover Ransomware Attack Impacts UK’s GDP
[01:58]
- Previous ransomware attack at Jaguar Land Rover disrupted production and affected thousands of suppliers.
- The Bank of England confirmed the attack contributed to lower GDP growth in Q3.
- Officials had anticipated economic impact from the disruption.
6. Asahi Brewery Struggles After Cyber Attack
[02:20]
- Japanese brewer Asahi operating at only 10% capacity more than a month after a crippling cyber attack.
- Lost top market position to rival Kirin.
- Delayed financial report to prioritize restoration ahead of winter holidays.
7. Intel Sues Former Employee for Alleged Data Theft
[02:43]
- Intel is suing Jinfeng Luo, a former Seattle design engineer, for stealing 18,000+ files just before leaving the company.
- Luo initially blocked from copying data to external drive, but succeeded days later by connecting a NAS to Intel’s network.
"The company says Jinfeng Luo stole more than 18,000 files in July, days before his employment was due to end." (Claire Aird, 02:47)
8. Microsoft Expands Phishing-resistant MFA Adoption
[03:05]
- 99.6% of Microsoft staff accounts and devices now use phishing-resistant multi-factor authentication (MFA).
- These changes are part of the Secure Future Initiative.
- 35,000+ engineers now work on security full-time.
- High-risk employees restricted to locked-down Azure virtual desktops.
9. Security Improvement on Python’s PyPI via Trusted Publishing
[03:30]
- Over 25% of all PyPI package updates now use the Trusted Publishing mechanism.
- Maintainers authorize CI/CD platforms to publish via short-lived tokens, reducing risks associated with long-lived tokens.
10. Massive Growth in UK Cyber Insurance Claims
[03:50]
- British insurers paid out £197 million in cyber claims last year, up from £59 million in 2023.
- Over half were ransomware or malware related.
11. Ongoing Attacks on Triofox File Sharing Servers
[04:08]
- Threat actor group UNC6485 has been exploiting an authentication bypass vulnerability in Triofox file sharing servers for over two months.
- Vulnerability allows access to configuration files and remote code execution.
- Patches released in July; attackers still targeting unpatched systems.
12. OWASP Top 10: 2025 Update Announced
[04:31]
- OWASP Foundation is preparing an updated Top 10 list of web application flaws (last updated 2021).
- New entries: “Software Supply Chain Failures” debuts at #3, “Mishandling of Exceptional Conditions” enters at #10.
Memorable Quotes & Moments
- "The leaked files contain details about contracts with the Chinese government, hacking tools and a list of previous targets." — Claire Aird, [00:27]
- "Workers at other federal agencies have been told to avoid communicating digitally with CBO staff." — Claire Aird, [01:12]
- "Intel is suing a former employee for allegedly stealing confidential data... more than 18,000 files in July, days before his employment was due to end." — Claire Aird, [02:43]
- "British insurance companies paid out £197 million in cyber claims last year. The association of British Insurers says it was more than three times the 59 million pounds paid in 2023." — Claire Aird, [03:53]
Timestamps for Important Segments
- Knownsec Data Leak — [00:17]
- CBO Breach — [01:03]
- Cybersecurity Information Sharing Act Extension — [01:24]
- Australian Military Leak by Iranian Hacktivists — [01:40]
- Jaguar Land Rover Ransomware and UK GDP — [01:58]
- Asahi Cyber Attack Fallout — [02:20]
- Intel Employee Data Theft Lawsuit — [02:43]
- Microsoft MFA and Secure Future Initiative — [03:05]
- PyPI Trusted Publishing — [03:30]
- UK Cyber Insurance Claims — [03:50]
- Triofox Attacks — [04:08]
- 2025 OWASP Top 10 Update — [04:31]
Conclusion
This Risky Bulletin episode delivers a tightly curated update on the ever-evolving global cybersecurity landscape. Recurrent themes include the increasing prevalence and consequences of critical infrastructure breaches, the rapid escalation in cyber insurance payouts, and the industry’s gradual embrace of more robust authentication and supply chain security. The inclusion of fresh insights, pragmatic legislative updates, and forewarning about ongoing threat actor activity makes it an essential listen for cybersecurity professionals and enthusiasts alike.
