Massive Financial Breaches Expose 18M+; Apple & Google Patch Actively Exploited Zero-Days

Publication Date: December 16, 2025

Summary

This cybersecurity brief for December 16, 2025, covers a series of critical incidents. Major data breaches at financial firms 700Credit and Prosper Marketplace have exposed the sensitive information of over 18 million individuals. Concurrently, Apple and Google rushed to patch two actively exploited zero-day vulnerabilities in the WebKit engine. Other significant events include CISA's mandate to patch a critical GeoServer flaw, active attacks on Fortinet SSO vulnerabilities, and data exposures at SoundCloud and Pornhub. Ransomware continues to plague the healthcare sector with an attack on Fieldtex by the Akira group, while new malware campaigns target developers on GitHub.

Today's New Articles

SoundCloud and Pornhub Confirm User Data Exposure in Separate Breaches, One Via Third-Party

Both SoundCloud and Pornhub have confirmed security incidents exposing user data. SoundCloud suffered a direct breach of an ancillary service dashboard, resulting in the exfiltration of email addresses and public profile information for up to 28 million users...


CISA Orders Federal Agencies to Patch Actively Exploited Critical GeoServer XXE Flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical XML External Entity (XXE) injection vulnerability in OSGeo GeoServer, CVE-2025-58360, to its Known Exploited Vulnerabilities (KEV) catalog. The flaw, which has a CVSS score u...


Active Attacks Exploit Critical Fortinet SSO Bypass Flaws to Gain Admin Access

Security firm Arctic Wolf has observed active exploitation of two critical authentication bypass vulnerabilities in Fortinet products, CVE-2025-59718 and CVE-2025-59719. Both flaws, rated 9.1 in severity, allow an unauthenticated attacker to bypass FortiCloud...


FreePBX Patches Critical Auth Bypass and RCE Flaws; Update VoIP Platforms Immediately

The popular open-source VoIP platform FreePBX has been updated to fix several serious security vulnerabilities, including a critical authentication bypass (CVE-2025-66039) with a 9.3 CVSS score. This flaw, present in a non-default configuration, allows an atta...


New 'PyStoreRAT' Malware Spreads Via Fake OSINT and AI Tools on GitHub

A new malware campaign is distributing an information-stealing Remote Access Trojan (RAT) called 'PyStoreRAT' through fake GitHub repositories. Threat actors create repositories for what appear to be legitimate OSINT, AI, or DeFi tools, artificially inflating...