How many security events occurred during the week of November 24 - December 1, 2025?

During the week of November 24-December 1, 2025, there were a total of 21 security events: 8 advisory/vulnerability events and 13 incident/data breach events. This represents a decrease from the previous week, with advisories down from 13 to 8 and incidents down from 29 to 13.

How many individuals were affected by data breaches this week?

A total of 473,787 individuals were impacted across 6 incidents with reported numbers. This is a significant decrease from the previous week which had 1.3 million affected individuals. The actual number is likely higher as not all incidents report the number of impacted individuals.

What was the largest data breach incident of the week?

The largest breach was the UK broadband provider Brsk data breach, which exposed over 230,000 customer records, affecting 230,105 individuals. This incident accounted for nearly half of all reported impacted individuals for the week.

Which industries were most affected by security incidents?

Healthcare was the most affected industry with 4 incidents, followed by Consulting/Professional Services and Government with 2 incidents each. Other affected sectors included Telecommunications, Education, IT/Software/Technology, Non-profit/Charity, and Finance with 1 incident each.

What were the main types of security threats reported?

The primary threat types included Malware, Ransomware and Related Attacks (3 incidents), Unauthorized Access (3 incidents), Human Bad Security Behaviour (2 incidents), Software Vulnerability and SDLC Exploits (1 incident), and Third Party Compromise (1 incident). Critical vulnerabilities were also reported across multiple vendors including Apache, ASUS, HCL, and NVIDIA.

Knowledge

State of (in)security - Week 48, 2025

published: Dec. 1, 2025

Take action: Don't panic over urgent "account blocked" warnings in unexpected emails. Never click links or open files in these messages. Instead, type the official website address of your cloud provider directly into your browser to check your actual account status.

Learn More

In the week between Nov. 24, 2025, midnight and Dec. 1, 2025, midnight we witnessed a total of:

8 advisory/vulnerability events
13 incident/data breach events

Week over Week comparison of week 48 2025 vs week 47 2025:

We also shared 4 practical knowledge items

Total impacted individuals via the events of the week

There were a total of 473,787 impacted individuals across 6 incidents, with the largest breach being the UK broadband provider Brsk hit by data breach exposing over 230,000 customer records incident exposing 230,105 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

Cause	Number of incidents
Malware, Ransomware and Related Attacks	3
Unauthorized access	3
Human bad security behaviour	2
Software Vulnerability and SDLC Exploits	1
Third Party Compromise	1

Industry breakdown of incidents

Industry	Number of incidents
Healthcare	4
Consulting/Professional Services	2
Government	2
Telecommunications	1
Education	1
IT/Software/Technology	1
Non-profit/Charity	1
Finance	1

Read the Event Details of the Week

Knowledge

active exploit | Campaign dubbed ShadowRay 2.0 exploits unpatched Ray AI framework flaw to install cryptominers
active exploit | CISA reports active exploitation of Cross-Site Scripting flaw in OpenPLC ScadaBR
active phishing | Expired cloud storage scam using Google Cloud Storage domain to host scam page
active exploit | Massive NPM supply chain attack dubbed Shai Hulud 2 actively exploiting packages

Vulnerabilities

critical vulnerability | Apache Syncope hard-coded AES key flaw exposes user passwords
critical vulnerability | ASUS reports vulnerabilities in MyASUS application and router firmware
critical vulnerability | Critical authentication bypass flaw in HCL BigFix WebUI allows SAML assertion manipulation
critical vulnerability | Critical unaithenticated RCE flaws reported in Zenitel TCIV-3+ IP Video Intercom
critical vulnerability | Mitsubishi Electric FA Engineering Software contains multiple flaws
critical vulnerability | Multiple culnerabilities reported in Festo Industrial Control Systems
critical vulnerability | Multiple vulnerabilities reported in Fluent Bit expose risks to cloud infrastructure
critical vulnerability | NVIDIA releases security update for DGX Spark AI computing platform, patches at least one critical flaw

Incidents

critical vulnerability | Upbit cryptocurrency exchange suffers $36.9 Million hot wallet breach on Solana network
data breach | VITAS Healthcare reports data breach through compromised vendor account
data breach | Dartmouth College reports data breach caused by exploit of Oracle E-Business Suite vulnerability
data breach | Law Firm Davies, McFarland & Carroll LLC reports ransomware attack exposing data of 54,000 people
data breach | Mental health provider Metrocare Services reports data breach affecting 8,600 clients
data breach | Delta Dental of Virginia reports email account breach exposing data of 146,000 people
data breach | UK broadband provider Brsk hit by data breach exposing over 230,000 customer records
data breach | French Football Federation reports data breach, member data theft
data breach | OpenAI reports third party data breach affecting API Users through analytics provider Mixpanel
data breach | Shasta County Health and Human Services Agency reports data breach, possible insider incident
data breach | Western Wayne Healthcare reports data breach exposing patient data
ransomware | Cyberattack disrupts IT Systems across three London councils
ransomware | Georgia Court records system hit by ransomware attack demanding $400,000

Read More
State of (in)security - Week 11, 2025
State of (in)security - Week 13, 2026
State of (in)security - Week 6, 2025
Payouts King Ransomware Uses QEMU Virtual Machines to …
State of (in)security - Week 50, 2025