Latest Internet & Cybersecurity News

đź“…December 23, 2025 at 1:00 PM
Critical vulnerabilities exploited in firewalls and enterprise software, major data breaches in education and healthcare, nation-state cyber threats from North Korea, China, Russia, and Iran, plus government advisories and funding.
1

NIST Invests $20M in AI Cybersecurity Centers

NIST invested $20 million with MITRE to establish centers for AI-based manufacturing solutions and cybersecurity for critical infrastructure. This aims to bolster U.S. defenses against emerging threats.Source 1

2

CISA, NSA Update BRICKSTORM Backdoor Advisories

CISA, NSA, and Canadian Cyber Security Centre released updated IOCs and detection signatures for Rust-based BRICKSTORM backdoor with advanced persistence and encrypted WebSocket C2. Organizations urged to implement defenses immediately.Source 1Source 3

3

DOJ Charges 54 in $40M ATM Jackpotting Scheme

U.S. DOJ charged 54 individuals linked to Tren de Aragua gang in ATM jackpotting attacks using Ploutus malware, causing $40.73 million losses since 2021.Source 1

4

North Korean Hackers Steal $2B in Crypto

North Korean hackers stole $2.02 billion in cryptocurrency in 2025, a 51% YoY increase, targeting defense and crypto sectors via exploits and phishing.Source 1Source 9

5

University of Phoenix Breach Exposes 3.5M Records

Unauthorized access on August 13, 2025, exposed personal data of 3.5 million students and faculty, discovered November 21, with notifications on December 22.Source 2

6

Critical WatchGuard Firebox Zero-Day Under Attack

Active zero-day exploits target WatchGuard Firebox firewalls, enabling remote takeover; over 115,000 systems exposed, urgent patching advised by Australian authorities.Source 7

7

SonicWall SMA1000 Zero-Day Exploited

Threat actors exploit CVE-2025-40602 in SonicWall edge access devices for unauthorized network entry; CISA added to KEV catalog, emergency patches required.Source 5

8

Episource Ransomware Breach Affects 5.4M

Ransomware attack from Jan 27 to Feb 6, 2025, exposed data of 5.4 million in risk adjustment services; one of 2025's largest healthcare-related breaches.Source 6

9

China-Linked Ink Dragon Expands Espionage

China-linked Ink Dragon group targets European governments using compromised servers; also charged 12 Chinese hackers in global intrusions.Source 4Source 5

10

Trump Admin Prepares 2026 Cybersecurity Strategy

Incoming Trump administration drafts five-page strategy with six pillars, potentially followed by executive order for federal cyber policy.Source 3

11

PornHub Data Breach via Mixpanel Exposes 200M Users

Breach through Mixpanel exposed over 200 million premium user records, part of major 2025 incidents alongside 700Credit and University of Sydney breaches.Source 1

12

CISA Adds Vulnerabilities to KEV Catalog

CISA added flaws like CVE-2025-14611 in Gladinet/Triofox, Android zero-days, and others to Known Exploited Vulnerabilities, mandating federal prioritization.Source 5

Back to News