State of (in)security - Week 52, 2025

In the week between Dec. 22, 2025, midnight and Dec. 29, 2025, midnight we witnessed a total of:

• 6 advisory/vulnerability events
• 20 incident/data breach events

Week over Week comparison of week 52 2025 vs week 51 2025:

• Advisories are down and incidents are up. Advisories are down from 17 in week 51 to 6 in week 52 2025. Incidents are up from 16 in week 51 2025 to 20 in week 52 2025.
• The number of known impacted individuals is down - from over 28 million in week 51 to 2.8 million in week 52 2025.

We also shared 2 practical knowledge items

Total impacted individuals via the events of the week

There were a total of 2,822,193 impacted individuals across 8 incidents, with the largest breach being the WIRED 2.3 million subscribers allegedly leaked, hacker threatens 40 million more of Condé Nast portfolio incident exposing 2,300,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

Industry breakdown of incidents

Read the Event Details of the Week

Knowledge

• active attack | Fortinet warns of active exploitation of 2FA Bypass flaw in FortiGate devices
• active phishing | WhatsApp users targeted in account takeover attack dubbed GhostPairing

Vulnerabilities

• critical vulnerability | CISA reports actively exploted flaw in Digiever Network Video Recorder
• critical vulnerability | Critical authentication bypass flaw reported in Mitsubishi Electric air conditioning systems
• critical vulnerability | Critical buffer overflow flaw reported in Net-SNMP
• critical vulnerability | Critical LangChain serialization flaw enables secret extraction and arbitrary code execution
• critical vulnerability | MongoDB high severity flaw allows unauthenticated memory access via Zlib compression flaw
• critical vulnerability | NVIDIA patches critical vulnerabilities in Isaac Launchable Platform

Incidents

• data breach | Nissan reports data breach impacting 21,000 customers after Red Hat security incident
• data breach | Baker University data breach exposes data of over 53,000 individuals
• data breach | Shinhan Card reports internal data breach affecting 192,000 merchant representatives in South Korea
• data breach | Koinly Cryptocurrency tax software reports breach of user email addresses through third-party compromise
• data breach | SAX LLP data breach exposes sensitive data of over 228,000 people
• data breach | Bernalillo County reports potential data breach linked to third-party compromise
• data breach | Asiana Airlines reports data breach exposind employee data
• data breach | Trust Wallet browser extension breached, $7 Million stolen in supply chain attack
• data breach | Ubisoft Rainbow Six Siege servers shut down after multi-group cyberattack
• data breach | Dentistry.One reports data breach exposing patient information
• data breach | Activist group scrapes 300TB from Spotify Music Library
• data breach | FedEx Corporation Group Health Plan reports data breach affecting over 1,000 individuals
• data breach | DDoS attack hits France's National Postal Service
• data breach | Goldman Sachs alternative investment fund clients exposed in third party law firm breach
• data breach | WIRED 2.3 million subscribers allegedly leaked, hacker threatens 40 million more of Condé Nast portfolio
• ransomware | Everest ransomware group claims compromise of Chrysler
• ransomware | Microf LLC reports data breach claimed by Qilin ransomware group
• ransomware | Romanian National Water Agency locked out of systems encrypted by attackers with native BitLocker
• ransomware | Akira Ransomware Group claims breach of Ellafi Federal Credit Union, exposing data of 17,627 people
• ransomware | Romanian energy company Complexul Energetic Oltenia hit by ransomware attack