Cyber Briefing: 2025.12.16
Zero-day exploits hit Apple and Gogs as major data breaches, state-backed cyber campaigns, scams, and insider threats drive global cyber risk.
👉 What’s the latest in the cyber world today?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. Apple Fixes Two Zero Day Flaws
Apple issued emergency updates to fix two zero-day vulnerabilities, CVE-2025-43529 and CVE-2025-14174, that were being exploited in extremely sophisticated and targeted attacks. Users are strongly advised to install the latest updates promptly, as the flaws affect numerous devices running older operating system versions.
2. PayPal Subscriptions Send Fake Emails
An ongoing email scam exploits a weakness in PayPal’s “Subscriptions” billing feature, allowing malicious actors to send genuine PayPal emails containing fraudulent purchase alerts within the Customer service URL field. This deceptive tactic is used to bypass standard security filters and aims to convince recipients that they have made an expensive unauthorized purchase, urging them to call a bogus support number.
3. Amazon Exposes GRU Cyber Campaign
A Russian state-sponsored cyber campaign, active from 2021 to 2025 and attributed to the GRU-linked APT44 (Sandworm), targeted Western critical infrastructure, including energy organizations and North American and European providers, primarily by exploiting misconfigured customer network edge devices. This years-long activity showed a tactical shift from relying on N-day and zero-day exploits toward credential harvesting and lateral movement by intercepting traffic from vulnerable edge devices, including those hosted on AWS.
💥 Cyber Incidents
4. Askul Confirms Theft Of 740k Records
Japanese e-commerce firm Askul Corporation confirmed that a ransomware attack carried out by the RansomHouse group in October resulted in the theft of approximately 740,000 customer and partner records. The company, which is still working to fully restore its systems, has informed authorities and is individually notifying affected business and individual customers about the data compromise.
5. SoundCloud Confirms Member Data Breach
Audio streaming platform SoundCloud confirmed that recent outages and VPN connection issues were due to a security breach where threat actors stole a database containing users’ email addresses and public profile information. The breach, which follows several days of widespread user reports of 403 “forbidden” errors when attempting to access the site via VPN, is estimated to affect approximately 28 million accounts, or 20% of SoundCloud’s user base.
6. Critical Gogs Zero Day Under Attack
Hackers leveraged an unpatched zero-day vulnerability in the self-hosted Git service Gogs to gain remote code execution, affecting approximately 700 Internet-facing servers. Gogs is a lightweight and easily deployable self-hosted Git service that allows users to manage their own Git repositories on their servers, similar to services like GitHub or GitLab.
📢 Cyber News
7. Third DraftKings Hacker Pleads Guilty
Nathan Austad, also known as ‘Snoopy’, is the third person to plead guilty in connection with a credential stuffing attack that compromised over 60,000 user accounts on a fantasy sports and betting website, resulting in the theft of approximately $600,000 from about 1,600 victims. The 21-year-old from Minnesota admitted to his role in hacking the accounts and selling access to them to drain their funds, and he now faces up to five years in prison for computer intrusion conspiracy.
8. Kali Linux 2025.4 Released With Updates
Kali Linux 2025.4, the final update of the year, introduces three new hacking tools, desktop environment improvements like enhanced Wayland support, and a preview of Wifipumpkin3 in NetHunter. The distribution is specifically designed for cybersecurity professionals and ethical hackers for tasks such as red-teaming, penetration testing, security assessments, and network research.
9. Coupang Breach Linked To Ex Employee
A former Coupang employee who maintained system access after leaving the company is implicated in a data breach exposing the information of 33.7 million customers, as confirmed by the Seoul Metropolitan Police Agency. The company’s CEO resigned amid the ongoing police investigation into what is the largest cybersecurity breach in South Korean history.
📈 Cyber Stocks
On Tuesday, 16th December, cybersecurity stocks broadly traded lower as broader market risk aversion and profit-taking weighed on tech and defensive names. Despite persistent enterprise demand for cloud security, identity protections and perimeter defense, broader volatility and rotation into cyclical sectors kept sector gains subdued.
Zscaler closed at 230.31 dollars and moved lower, reflecting rotation pressure and broader market caution despite ongoing adoption of cloud-delivered security and zero-trust architectures.
Check Point Software Technologies closed at 187.29 dollars and eased, as mixed sentiment in tech and defensive names tempered upside even though demand for firewall and perimeter protections remained steady.
Okta closed at 88.20 dollars and slid, with identity-security spending holding firm but broader market pressures keeping the stock from advancing.
Palo Alto Networks closed at 185.88 dollars and declined, as broader tech weakness and valuation pressure outweighed continued confidence in its unified AI-driven security platform and long-term enterprise demand.
Fortinet closed at 81.52 dollars and dipped modestly, with near-term profit-taking influencing the stock even as steady investment in zero-trust and network-security solutions persisted.
💡 Cyber Tip
💳 PayPal Subscriptions Used to Send Fake Purchase Emails
Scammers are abusing PayPal’s Subscriptions feature to send legitimate PayPal emails that contain fake purchase alerts hidden inside the customer service link. The emails appear to come from PayPal and claim an expensive item was purchased, pressuring victims to call a fake support number to cancel the charge.
🔐 What You Should Do
Do not call phone numbers listed in PayPal emails
Never click customer service links in unexpected billing messages
Log in to PayPal directly via the official app or website to verify charges
Report suspicious emails to PayPal and delete them
Enable two-factor authentication on your PayPal account
⚠️ Why This Matters
Because these emails are sent from PayPal’s own systems, they bypass spam filters and look fully legitimate. The goal is to scare users into calling scammers who then commit fraud or push malware. Direct account verification is the safest response.
📚 Cyber Book
The Secret to Cybersecurity by Scott Augenbaum
That concludes today’s briefing.
Copyright © 2025 CyberMaterial. All Rights Reserved.