Cyber security news December 2025

116 Comments

1. January 1, 2026 at 3:23 pm

   Tomi Engdahl says:

   https://cybersecuritynews.com/hackers-using-phishing-tools/

   Reply
2. January 1, 2026 at 3:24 pm

   Tomi Engdahl says:

   Fix Your Email Authentication in Only 15 Minutes Using This Tech-Friendly Test So Your Emails Actually Get Delivered to the Inbox Instead of Going to “Promotions” or “Spam”
   https://go.sixthdivision.com/srlm?utm_source=meta&utm_medium=Engagers+Adv%2B+-+Tracking+Restart&utm_campaign=Sender+Rep+Opt+In&utm_content=Copy+4+-+Brad+Over+Shoulder+Coaching&Placement=Facebook_Mobile_Feed&WickedSource=Facebook&WickedID=120234743659590519&visi_source=facebook&ad_id=120234743659590519&fbclid=Iwb21leAO7ISFleHRuA2FlbQEwAGFkaWQBqyjc1MhDZ3NydGMGYXBwX2lkDDM1MDY4NTUzMTcyOAABHlx_HOhOOpSs0wHrP9GQwEcPwSzQTCYc-hio_XlZ3zbmX6HW7gJodIJw2oRB_aem_XwFAOI8b4ZfK7ikmSwvalw&utm_id=120232277583180519&utm_term=120232569083870519

   Reply
3. January 1, 2026 at 3:26 pm

   Tomi Engdahl says:

   https://cybersecuritynews.com/critical-mongodb-vulnerability/

   Reply
4. January 1, 2026 at 3:34 pm

   Tomi Engdahl says:

   https://cybersecuritynews.com/pcpcat-hacked-next-js-servers/

   Reply
5. January 1, 2026 at 3:51 pm

   Tomi Engdahl says:

   https://www.csoonline.com/article/4108328/the-raspberry-pi-wakeup-call-why-enterprises-must-rethink-physical-security.html

   Reply
6. January 1, 2026 at 4:01 pm

   Tomi Engdahl says:

   https://thehackernews.com/2025/12/fake-whatsapp-api-package-on-npm-steals.html

   Reply
7. January 1, 2026 at 4:04 pm

   Tomi Engdahl says:

   https://cybersecuritynews.com/hackers-weaponize-svg-files-and-office-documents/

   Reply
8. January 1, 2026 at 4:38 pm

   Tomi Engdahl says:

   https://www.microsoft.com/en-us/security/blog/2025/12/15/defending-against-the-cve-2025-55182-react2shell-vulnerability-in-react-server-components/

   Reply
9. January 1, 2026 at 4:39 pm

   Tomi Engdahl says:

   In Cybersecurity, Claude Leaves Other LLMs in the Dust
   Anthropic proves that LLMs can be fairly resistant to abuse. Most developers are either incapable of building safer tools, or unwilling to invest in doing so.
   https://www.darkreading.com/cybersecurity-analytics/cybersecurity-claude-llms

   Reply
10. January 1, 2026 at 4:40 pm

    Tomi Engdahl says:

    Let’s Encrypt Unveils New “Generation Y” Root and 45-Day Certificates
    https://cybersecuritynews.com/lets-encrypt-unveils-new-generation-y-root/

    Reply
11. January 1, 2026 at 4:41 pm

    Tomi Engdahl says:

    https://www.bleepingcomputer.com/news/security/zeroday-cloud-hacking-event-awards-320-0000-for-11-zero-days/

    Reply
12. January 1, 2026 at 4:43 pm

    Tomi Engdahl says:

    Denmark says Russia was behind two ‘destructive and disruptive’ cyber-attacks
    Intelligence service says attacks were work of groups connected to Russian state in ‘clear evidence’ of hybrid war
    https://www.theguardian.com/world/2025/dec/18/denmark-says-russia-was-behind-two-destructive-and-disruptive-cyber-attacks

    Reply
13. January 1, 2026 at 4:45 pm

    Tomi Engdahl says:

    Massiivinen tietovuoto: ”Koskee toden­näköisesti jopa satoja­tuhansia suomalaisia”
    Vahinko on valtava, mutta sen seurauksia on vaikea arvioida, Cybernews kertoo.
    https://www.is.fi/digitoday/tietoturva/art-2000011692754.html

    Internetistä paljastui erittäin iso kokoelma tietoja, joissa on mukana myös runsaasti LinkedInistä kerättyjä käyttäjätietoja. Kokoelman löytänyt Cybernews laskee tietojen vievän tilaa yli 16 teratavua, mikä vastaa yli 16 000 gigatavua. Vertailun vuoksi tyypillisen tietokoneen tallennustila on noin 512–1024 gigatavua.

    Tietojen joukossa on 4,3 miljardia tietuetta ja 732 miljoonaa ainutkertaista käyttäjäprofiilia. Näiden ilmeisesti suurelta osin LinkedInistä peräisin olevien tietojen joukossa on esimerkiksi:

    Koko nimet.

    Sähköpostit ja puhelinnumerot.

    LinkedIn-verkko-osoitteet ja profiilien nimet.

    Asemat organisaatiossa, työnantajat ja aiemmat työpaikat.

    Koulutus, tutkinnot ja sertifikaatit.

    Sijaintitiedot.

    Kielitaidot ja muu osaaminen.

    Sosiaalisen median tilit.

    – Kaikkiaan käyttäjiä LinkedIn-palvelussa on noin 1,2 miljardia, joten tämä koskee todennäköisesti jopa satojatuhansia suomalaisia

    Reply
14. January 1, 2026 at 4:45 pm

    Tomi Engdahl says:

    Microsoft will finally kill obsolete cipher that has wreaked decades of havoc
    The weak RC4 for administrative authentication has been a hacker holy grail for decades.
    https://arstechnica.com/security/2025/12/microsoft-will-finally-kill-obsolete-cipher-that-has-wreaked-decades-of-havoc/

    Reply
15. January 1, 2026 at 7:24 pm

    Tomi Engdahl says:

    “Post-quantum encryption is not the end” – NordVPN aims for world-first security milestones in 2026
    Features
    By Chiara Castro published December 28, 2025
    NordVPN strives for cryptographic agility

    https://www.techradar.com/vpn/vpn-privacy-security/post-quantum-encryption-is-not-the-end-nordvpn-aims-for-world-first-security-milestones-in-2026

    Reply
16. January 1, 2026 at 7:58 pm

    Tomi Engdahl says:

    Hackers Claim Breach of WIRED Database Containing 2.3 million Subscriber Records
    https://cybersecuritynews.com/wired-database-breach/#google_vignette

    Reply