Latest Internet & Cybersecurity News
North Korean Hackers Steal $2.02 Billion in Crypto in 2025
North Korean hackers stole $2.02 billion in cryptocurrency in 2025, a 51% increase year-over-year, pushing their total to $6.75 billion. Chainalysis analysis highlights this as the leading global crypto theft driver.
Amazon data supports insights into DPRK cyber activities.
2025 Worst Year on Record for Global Cyber Breaches
Cyberattacks in 2025 hit unprecedented scale, breaching US Treasury, federal agencies, and nuclear systems by Chinese and Russian hackers. Clop ransomware exploited Oracle flaw for mass extortion; UK retail and Jaguar Land Rover hacks caused £1.5B damage.
South Korea faced monthly breaches at telecoms and Coupang.
Worldwide Microsoft Teams Outage Causes Message Delays
Microsoft Teams suffered a major disruption on December 20, 2025, with global messaging delays and functionality issues tracked as TM1200517. Microsoft is investigating root causes while monitoring recovery.
Businesses reliant on Teams faced disrupted collaboration.
Russian Group BlueDelta Targets UKR.NET Users
Russian state-sponsored BlueDelta (APT28) runs persistent credential-harvesting against Ukrainian UKR.NET webmail. Insikt Group urges phishing-resistant MFA adoption.
Campaign highlights need for enhanced authentication.
Amazon IDs Russian Campaign Targeting Global Infrastructure
Russian threats targeted Western critical infrastructure, especially energy, from 2021-2025 via edge devices. Amazon Threat Intelligence notes tactic evolution; recommends NCSC forensics guidance.
CJ Moses summarizes initial access methods.
Cisco Zero-Day CVE-2025-20393 Exploited in Attacks
Cisco Talos warns of ongoing campaign exploiting CVE-2025-20393 (improper input validation) in Secure Email appliances. Added to CISA KEV catalog with one-week mitigation deadline; no patch yet.
Targets internet-exposed Spam Quarantine features.
FortiGate FortiCloud SSO Vulnerabilities Exposed
Over 25,000 Fortinet devices vulnerable via FortiCloud SSO; Arctic Wolf observed malicious logins from Dec 12. CVE-2025-59718 added to CISA KEV with Dec 23 deadline.
Users urged to disable feature until patched.
Silver Fox Uses SEO Poisoning for Backdoor Distribution
Silver Fox campaign employs SEO poisoning for backdoors in 20+ apps, targeting Chinese users since July 2025. False-flag op with Cyrillic names; victims across Asia, Europe, NA.
ReliaQuest confirms broader infrastructure.
Google Sues to Seize Sites of Cybersecurity Threat Group
Google lawsuit seeks to seize websites used by a threat group, gaining legal standing to hamper operations. NBC reports aim to disrupt group activities via US courts.
Part of broader infrastructure defenses.
December 2025 Android Security Bulletin Patches 100+ Flaws
Google's bulletin addresses over 100 vulnerabilities, including two zero-days in Android platform and vendors. Critical fixes for core components to counter active exploits.
Users urged to update promptly.
Mitchell County Ransomware Incident Exposes Health Data
Ransomware hit Mitchell County network Oct 20, 2025; unauthorized access Oct 16-20 stole protected health info. County engaged forensics, law enforcement, and state task force.
Affects social services recipients.
Cloud Atlas Exploits Office Flaws in Ongoing Campaign
Cloud Atlas group targets Eastern Europe/Asia with Office exploits for silent compromises, decade-long ops. Sophisticated chains evade detection.
Continues espionage focus.