What was the total number of security events in week 50 of 2025?

In week 50 of 2025 (December 8-15, 2025), there were a total of 29 security events: 16 advisory/vulnerability events and 13 incident/data breach events.

How many individuals were impacted by data breaches in week 50 of 2025?

There were a total of 296,100 impacted individuals across 3 incidents in week 50 of 2025, down significantly from 5.6 million in week 49.

What was the largest data breach incident in week 50 of 2025?

The largest breach was the Fieldtex products ransomware attack affecting 238,000 patients, which exposed 238,615 individuals.

Which industries were most affected by security incidents in week 50 of 2025?

Healthcare was the most affected industry with 4 incidents, followed by IT/Software/Technology with 2 incidents. Other affected sectors included Education, Non-profit/Charity, Insurance, and Finance with 1 incident each.

What were the main causes of security incidents in week 50 of 2025?

The primary cause was Malware, Ransomware and Related Attacks with 3 incidents. Other causes included Human bad security behaviour, Software Vulnerability and SDLC Exploits, and System Misconfiguration Exploits, each with 1 incident.

Knowledge

State of (in)security - Week 50, 2025

published: Dec. 15, 2025

Take action: Data brokers are just greedy, but not at all good with their data protection. Because it's not their data, it's simply grabbed and abused.

Learn More

In the week between Dec. 8, 2025, midnight and Dec. 15, 2025, midnight we witnessed a total of:

16 advisory/vulnerability events
13 incident/data breach events

Week over Week comparison of week 50 2025 vs week 49 2025:

Advisories are up and incidents are down. Advisories are up from 14 in week 49 to 16 in week 50 2025. Incidents are down from 17 in week 49 2025 to 13 in week 50 2025.
The number of known impacted individuals is down - from 5.6 million in week 49 to 296 thousand in week 50 2025.

We also shared 3 practical knowledge items

Total impacted individuals via the events of the week

There were a total of 296,100 impacted individuals across 3 incidents, with the largest breach being the Fieldtex products reports ransomware attack affecting 238,000 patients incident exposing 238,615 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

Cause	Number of incidents
Malware, Ransomware and Related Attacks	3
Human bad security behaviour	1
Software Vulnerability and SDLC Exploits	1
System Misconfiguration Exploits	1

Industry breakdown of incidents

Industry	Number of incidents
Healthcare	4
IT/Software/Technology	2
Education	1
Non-profit/Charity	1
Other	1
Insurance	1
Finance	1

Read the Event Details of the Week

Knowledge

active exploit | CISA reports active exploitation of GeoServer XXE flaw
active exploit | Gogs Zero-Day vulnerability actively exploited
active exploit | Notepad++ users targeted in supply chain attack through update mechanism

Vulnerabilities

critical vulnerability | Adobe releases December 2025 patches for multiple products
critical vulnerability | Apple patches two actively exploited WebKit flaws
critical vulnerability | ConnectWise ScreenConnect patches critical code execution flaw
critical vulnerability | Critical authentication bypass flaws reported in multiple Fortinet products
critical vulnerability | Critical authentication bypass vulnerability discovered in multiple India-based CCTV camera systems
critical vulnerability | Critical authentication flaw reported in Cal.com
critical vulnerability | Critical flaw reported in Siemens advanced licensing toolkit
critical vulnerability | Emby Server vulnerability allows unauthenticated administrative access
critical vulnerability | Google patches actively exploited Chrome vulnerability
critical vulnerability | Ivanti patches critical XSS flaw and three high-severity Flaws in Endpoint Manager
critical vulnerability | Microsoft December 2025 patch Tuesday fixes one actively exploited, 3 critical, total of 57 flaws
critical vulnerability | New React Server vulnerabilities reported, enable Denial-of-Service attacks and source code exposure
critical vulnerability | Researchers report a vulnerability class in AI-Powered development tools dubbed IDEsaster
critical vulnerability | SAP December 2025 patch day fixes critical code Injection and multiple high-severity flaws
critical vulnerability | Siemens reports critical flaw in IAM Client on multiple industrial products
critical vulnerability | SOAPwn vulnerability class in .NET Framework HTTP client proxies enable remote code execution

Incidents

critical vulnerability | 0G Foundation reports $520,000 security breach through exploitation of critical Next.js flaw
data breach | Royal Cornwall Hospital Trust inadvertently exposes staff sickness records
data breach | Chaos ransomware gang claims attack and data theft of ThinkMarkets
data breach | Massive 16TB database leaks 4.3 billion professional records
data breach | Swift Institute reports data breach exposing patient data
data breach | Fieldtex products reports ransomware attack affecting 238,000 patients
data breach | TriZetto Provider Solutions reports year-long data breach affecting healthcare provider clients
data breach | First Baptist Church of Glenarden reportds data breach
data breach | Hackers claim breach of Russian military draft database developer
data breach | Cove Risk Services reports data breach exposing data of nearly 50,000 individuals
ransomware | Deschutes public library system closes all locations after cyberattack
ransomware | Space Bears ransomware gang claims breach contractor Quasar Inc, theft of of Comcast engineering data
ransomware | Qilin ransomware gang claims breach of the Church of Scientology's UK operations

Read More
State of (in)security - Week 37, 2024
Researchers discover undocumented parameter exploit flaw in Lightning.AI …
Time to start pentesting your AI models, because …
State of (in)security - Week 10, 2026
A real story about US Government agency hacked …