Daily Digest

Microsoft and Google Patch Actively Exploited Zero-Days Amidst Major Healthcare Breaches and Sophisticated Supply Chain Attacks

Microsoft and Google Patch Actively Exploited Zero-Days Amidst Major Healthcare Breaches and Sophisticated Supply Chain Attacks

December 12, 2025
4 articles (4 new)
12 min read

Summary

In the 24-hour period ending December 12, 2025, the cybersecurity landscape was dominated by the urgent patching of actively exploited zero-day vulnerabilities by both Microsoft and Google. Microsoft's December Patch Tuesday addressed a critical privilege escalation flaw (CVE-2025-62221) already in use by attackers, while Google rushed out an emergency fix for its eighth Chrome zero-day this year. The healthcare sector remains under siege, with massive data breaches at Conduent and TriZetto Provider Solutions coming to light, affecting millions. Concurrently, new intelligence revealed sophisticated threats, including the "Shai-Hulud 2.0" supply chain worm, an espionage campaign by the Hamas-affiliated "Ashen Lepus" group, and a novel hardware attack named "Battering RAM" capable of breaking CPU security protections.

Filter by Category

New Articles (4)

Conduent Breach Exposes 10.5M Patients, Ranks as 8th Largest US Healthcare Breach

HIGH

Conduent Faces Class-Action Lawsuits After Massive Data Breach Affects Over 10.5 Million Individuals

Business services giant Conduent has disclosed a massive data breach that exposed the personal and medical information of over 10.5 million people, making it the 8th largest healthcare data breach in U.S. history. The breach, which was active for months between October 2024 and January 2025, has already cost the company $25 million in response efforts. The compromised data includes names, Social Security numbers, and health information, leading to multiple class-action lawsuits against the company.

December 12, 2025
5 min read
Healthcare BreachPIIPHIClass ActionConduent +1 more
Conduent Breach Exposes 10.5M Patients, Ranks as 8th Largest US Healthcare Breach

"Battering RAM": $50 Hardware Attack Cracks Intel and AMD Secure CPU Enclaves

HIGH

Researchers Unveil "Battering RAM," a Low-Cost Hardware Attack that Bypasses Intel SGX and AMD SEV Memory Encryption

At the Black Hat Europe 2025 conference, researchers from KU Leuven University demonstrated "Battering RAM," a novel hardware attack that completely undermines modern confidential computing technologies. Using a custom-built DDR4 interposer costing just $50, the attack can bypass the memory encryption of secure enclaves like Intel SGX and AMD SEV. This allows an attacker with physical access to read encrypted memory at runtime, extract secret keys, and defeat protections previously thought to be secure against physical threats.

December 12, 2025
5 min read
Hardware AttackConfidential ComputingIntel SGXAMD SEVSide-channel Attack +2 more
"Battering RAM": $50 Hardware Attack Cracks Intel and AMD Secure CPU Enclaves

TriZetto Discloses Year-Long Data Breach Exposing Patient PHI

HIGH

Cognizant-Owned TriZetto Provider Solutions Reveals Data Breach with Nearly Year-Long Attacker Dwell Time

TriZetto Provider Solutions, a healthcare revenue management company owned by Cognizant, has started notifying clients about a major data breach. An unauthorized party had access to patient data for nearly a full year, from November 2024 until the breach was detected on October 2, 2025. The attackers accessed historical reports containing sensitive Protected Health Information (PHI), including patient names, Social Security numbers, dates of birth, and health insurance details. The cybersecurity firm Mandiant was brought in to investigate the long-running intrusion.

December 12, 2025
5 min read
Healthcare BreachPHIDwell TimeTriZettoCognizant +1 more
TriZetto Discloses Year-Long Data Breach Exposing Patient PHI

Ransomware Goes Global, Targeting New Regions and Industries with Weaker Defenses

INFORMATIONAL

CyberCube Report Finds Ransomware Expanding to New Territories, LockBit Group Remains Highly Active

Ransomware is becoming a more globalized and unpredictable threat, according to the H2 2025 Global Threat Briefing from cyber analytics firm CyberCube. The report warns that ransomware groups are actively expanding into new geographic regions and industry sectors that have historically seen fewer attacks, often targeting those with less mature cyber defenses. The highly active LockBit ransomware-as-a-service (RaaS) group is a key driver of this trend. The findings suggest that traditional risk models based on geography or industry are becoming less reliable predictors of attack likelihood.

December 12, 2025
5 min read
Ransomware TrendsCyberCubeLockBitRaaSGlobal Threat +1 more
Ransomware Goes Global, Targeting New Regions and Industries with Weaker Defenses

📢 Share This Publication

Help others stay informed about cybersecurity threats

📅 Daily Edition

Curated and deduplicated every day from dozens of trusted sources — giving you one clean, consolidated view of what matters in cybersecurity.

🔢 Deduplication Applied

Related stories are merged into a single evolving article rather than repeated as separate entries — cutting through noise so you only read what's new.

🔗 Full Articles Linked

Every entry links to its full enriched article — complete with MITRE ATT&CK mappings, extracted IOCs, and actionable detection and mitigation guidance.