Latest Internet & Cybersecurity News

December 18, 2025 at 1:00 AM
December surge: widespread exploitation of critical vulnerabilities (Fortinet, React2Shell), AI-powered attacks rise, major breaches and regulatory moves shape global cybersecurity landscape.
1. Fortinet vulnerabilities actively exploited in enterprise networks

Newly disclosed Fortinet vulnerabilities are being actively exploited across enterprises, prompting emergency patches and incident responses from security teams worldwide [Source 1]. The H-ISAC bulletin lists this as the leading story and notes ongoing exploitation in production environments [Source 1].

2. React2Shell flaw being abused to compromise web applications

React2Shell (CVE-2025-55182) — a high-severity vulnerability in React web frameworks — is under active exploitation, allowing attackers to gain unrestricted access to affected servers and sites [Source 1] [Source 3]. Security researchers warned millions of websites remain exposed and urged immediate patching and mitigations [Source 1] [Source 3].

3. 16 billion credential mega-leak continues fueling credential-stuffing attacks

A June 2025 compilation of roughly 16 billion stolen credentials is driving large-scale credential-stuffing and phishing campaigns as attackers reuse harvested logins across services [Source 2]. Security advisories urge widespread password resets, MFA adoption, and anomaly detection to mitigate the systemic risk posed by credential reuse [Source 2].

4. ToolShell exploit targets Microsoft SharePoint with widespread RCE impact

ToolShell (CVE-2025-53770) emerged in August and quickly became a favored exploit for attackers targeting Microsoft SharePoint, enabling remote code execution and affecting hundreds of organizations [Source 3]. Slow patch rollouts amplified the impact, with confirmed compromises and significant operational disruption in multiple sectors [Source 3].

5. AI's operationalization changes attacker and defender dynamics

Analysts report 2025 as the year AI became operational for both attackers and defenders, with attackers using AI for automated reconnaissance and social engineering while defenders rely on AI for telemetry correlation and automated response [Source 5]. Experts argue this 'AI Rubicon' requires unified visibility, behavioral analysis, and automated defenses to keep pace with AI-driven threats [Source 5].

6. Law enforcement crackdowns disrupt cybercrime forums but threats persist

2025 saw unprecedented law enforcement actions (e.g., Operation Spectral Tango) against cybercrime marketplaces, disrupting some data trafficking yet failing to fully stop data leak aggregation and resale [Source 3]. Analysts say takedowns have raised costs and complexity for criminals but adversaries continue adapting with distributed platforms and private channels [Source 3].

7. Major corporate breaches and large-scale data exfiltrations reported throughout 2025

High-profile incidents in 2025 include massive exfiltrations affecting enterprises and service providers, such as a reported theft of hundreds of millions to billions of records across multiple vendors and platforms [Source 3] [Source 2]. These breaches exposed PII, authentication secrets, and source code, amplifying supply-chain and downstream risks [Source 3] [Source 2].

8. Gentlemen ransomware campaigns expand into manufacturing and healthcare

Security firms reported the expanding Gentlemen ransomware campaigns hitting manufacturing and healthcare sectors, causing operational disruption and data theft [Source 1]. Industry advisories recommend rapid patching, network segmentation, and offline backups to limit impact [Source 1].

9. Regulatory and legal pressure grows: U.S. states push AI and privacy measures

States including Florida and California advanced AI consumer protections and expanded privacy enforcement, responding to GenAI risks, health-data offshoring, and growing litigation trends [Source 7]. Legal advisories highlight increasing compliance burdens for organizations deploying AI and handling cross-border data [Source 7].

10. SMBs remain heavily targeted: nearly half affected by cyberattacks in 2025

Guardz reports that nearly 50% of U.S. small businesses experienced a cyberattack in 2025, with phishing, ransomware, and human error as leading causes, underscoring the need for basic defenses and managed services [Source 8]. The report emphasizes SMBs' limited resources and the rising importance of outsourced security and insurance [Source 8].

11. Cloudflare and other providers report rising AI-related threat activity

Cloud and CDN providers documented increases in AI-assisted threats across 2025, including automated probing, content generation for social engineering, and adaptive malware patterns that evade static detection [Source 1] [Source 5]. Providers recommend integrating behavioral detection and rate-limiting with AI-aware security controls [Source 1] [Source 5].

12. Google discontinues built-in dark web monitoring feature

Google ended its dark-web monitoring feature, shifting responsibility for threat discovery to users and organizations and prompting calls for alternative vendor solutions and internal monitoring programs [Source 1]. Security professionals caution this may increase reliance on third-party monitoring and intelligence services [Source 1].