Latest Internet & Cybersecurity News
Pro-Russian Hackers Claim DDoS Attack on French Postal Service La Poste
A pro-Russian hacking group took responsibility for a major DDoS attack that knocked offline central systems at France's national postal service La Poste on December 24, 2025, disrupting package deliveries and online payments. The attack blocked services and delayed operations, highlighting ongoing geopolitical cyber tensions.
Authorities are investigating the impact on critical infrastructure.
CISA Adds Critical Fortinet Vulnerabilities to KEV Catalog
CISA added CVE-2025-59718 (CVSS 9.1) and CVE-2025-59719 to its Known Exploited Vulnerabilities catalog after confirming active exploitation in Fortinet products such as FortiOS and FortiWeb when FortiCloud SSO is enabled. Attackers exploited these flaws days after patches were released, targeting admin accounts and exfiltrating configuration files.
U.S. federal agencies must remediate by December 23, 2025, under BOD 22-01.
Fortinet Warns of Active Exploitation of Old SSL VPN 2FA Bypass Flaw
Fortinet reported recent abuse of CVE-2020-12812 (CVSS 5.2), an improper authentication vulnerability in FortiOS SSL VPN that allows login without 2FA under specific LDAP configurations. Exploitation requires local users with 2FA linked to LDAP groups used in policies.
Organizations should review configurations and apply mitigations immediately.
China-Linked Ink Dragon Conducts Sophisticated Campaigns Against Governments
China-linked group Ink Dragon used the FINALDRAFT backdoor and legitimate tools in disciplined campaigns targeting governments and telecoms in Europe, Asia, and Africa. The group impacted dozens of victims, including a Russian IT provider, blending engineering with evasion tactics.
Check Point highlighted ongoing activity since early 2025.
ShinyHunters Allegedly Breaches SoundCloud, Followed by DoS Attacks
Cyber extortion group ShinyHunters reportedly breached SoundCloud, threatening data leaks unless paid, with subsequent DoS attacks briefly disrupting access. The platform contained the breach and attributed outages to security changes.
SoundCloud remains operational amid the incident.
Salt Typhoon China-Linked Attacks Extend to National Guard Networks
Hacking group Salt Typhoon targeted multiple U.S. National Guard networks in 2024, with effects persisting into 2025, as confirmed by officials. CISA warned of ongoing China-linked threats alongside BRICKSTORM malware using stolen credentials.
This underscores persistent nation-state cyber risks.
ServiceNow Acquires Cybersecurity Firm Armis for $7.75 Billion
ServiceNow announced a $7.75 billion acquisition of cyber asset management firm Armis, following rumors and Armis's recent $435 million funding. The deal aims to enhance enterprise security capabilities.
It marks a major consolidation in the cybersecurity market.
Critical Fireware OS Vulnerability Allows Remote Code Execution
A critical flaw, CVE-2025-37164, in WatchGuard's Fireware OS iked process enables unauthenticated remote code execution. Organizations using affected systems should patch urgently.
This vulnerability poses high risk to network security appliances.
Treasury Department Compromised by China-Sponsored Actor via BeyondTrust
A China state-sponsored threat actor exploited a BeyondTrust remote access key, accessing Treasury workstations and unclassified documents in early 2025. CISA confirmed no wider agency impact after collaboration.
The breach highlighted third-party software risks.