Latest Internet & Cybersecurity News
Massive AWS Outage Disrupts Holiday Gaming and Services on Christmas 2025
A widespread AWS outage on December 25, 2025, affected Fortnite, Steam, and other platforms, marking the third major disruption this year. Speculation points to potential cyber attacks or connectivity issues amid holiday vulnerabilities.
This highlights cloud infrastructure fragility powering much of the internet.
Critical Net-SNMP Vulnerability CVE-2025-68615 Allows Remote Attacks
A buffer overflow in Net-SNMP's snmptrapd daemon (CVE-2025-68615) enables remote attackers to crash services or execute code via malicious SNMP traps. Emerged as a top concern on December 25, 2025, urging immediate patching.
Affects network management widely used in enterprises.
Cisco Secure Email Gateway Zero-Day CVE-2025-20393 Under Exploitation
Critical zero-day in Cisco Secure Email Gateway (CVE-2025-20393) allows unauthenticated remote code execution, compromising email appliances. Disclosed on December 25, 2025, putting defenders on high alert.
Active exploitation reported, demanding urgent updates.
Russian GRU Sandworm Campaign Targets Global Critical Infrastructure
Multi-year Russian state-sponsored campaign by GRU's Sandworm targets energy sectors in Western countries via misconfigured edge devices. Shifts from vulnerabilities to customer-owned devices for credential theft and lateral movement.
Emphasizes stealth with modular tools and cloud abuse for espionage.
Rhysida Ransomware Evolves as Double-Extortion Threat
Rhysida ransomware, active since 2023, uses encryption and data theft, with rapid sophistication increases. CYFIRMA assesses need for layered defenses and credential management.
Recent claims include large datasets for sale on dark web.
Sorb Threat Actor Active in Data Leaks and Breaches
Sorb group engages in data-leak operations, selling stolen data on dark web marketplaces. Linked to multiple security breaches with unauthorized access.
High activity and capability noted in recent intelligence.
n8n Remote Code Execution Vulnerability CVE-2025-68613
Critical RCE in n8n (CVE-2025-68613) affects versions up to 1.122.0, disclosed December 24, 2025. Authenticated users can execute code via workflow expressions in insufficiently isolated contexts.
Patches available; monitoring solutions incoming.
TikTok Fined $600m for GDPR Violations on China Data Transfers
Irish regulator fined TikTok €530m ($600m) in May 2025 for transferring EU users' PII to China without proper safeguards. TikTok's assurances were incorrect, lacking GDPR-equivalent protections under Chinese law.
Company appealing the decision.
Holiday Season Heightens Cyber Risks for Enterprises
Hackers target holidays when security teams are reduced, exploiting unpatched vulnerabilities and weak MFA. Sophos advises pre-holiday reviews; past incidents like SolarWinds revealed near Christmas.
AI may aid defenses during lulls.
AI-Generated Ransomware and NFC Attacks Dominate 2025 Threats
Surge in AI-created ransomware and NFC exploits for contactless payments as 2025 ends. Blurring lines between state espionage and cybercrime using trusted platforms like GitHub.
PyStoreRAT and Aisuru botnet highlight industrialized threats.