Cybersecurity News | Daily Recap [31 Dec 2025]

Daily recap: critical patch notices cover an IBM API Connect authentication bypass that could expose protected services and a critical SmarterMail flaw (CVE-2025-52691) enabling unauthenticated RCE on vulnerable servers. CISA ordered patches for the MongoBleed flaw following observed intrusions, and intrusions exploiting Oracle EBS affected organizations including Korean Air and the University of Phoenix. The European Space Agency confirmed a breach of external servers, Disney agreed to pay $10 million to settle child data privacy claims related to YouTube content, and two ALPHV/BlackCat ransomware operators pleaded guilty. New info-stealers and malvertising campaigns (ErrTraffic, Lumma, Vidar, Cerberus, and Zoom Stealer) illustrate ongoing threat activity, and sanctions tied to Intellexa and its Predator spyware were reversed.

#IBMAPIConnect #CVE2025_52691 #MongoBleed #OracleEBS #KoreanAir #UniversityofPhoenix #EuropeanSpaceAgency #Disney #ALPHV #BlackCat #ErrTraffic #Lumma #Vidar #Cerberus #ZoomStealer #Intellexa #Predator

Vulnerabilities & Patches

  • IBM warns of a critical API Connect authentication-bypass that could let attackers access protected services – IBM API Bug
  • Singapore and the CSA warn of a critical SmarterMail flaw (CVE-2025-52691) enabling unauthenticated remote code execution on vulnerable servers – SmarterMail RCE
  • CISA orders federal agencies to patch the actively exploited MongoBleed flaw after observed intrusions – MongoBleed Patch
  • Recent intrusions exploiting Oracle EBS impacted organizations including Korean Air and the University of Phoenix – Oracle EBS

Breaches & Privacy

  • The European Space Agency confirmed a breach of external servers after a hacker offered to sell stolen data – ESA Breach
  • Disney agreed to pay $10 million to settle claims over children’s data privacy violations related to YouTube content – Disney Settlement

Ransomware & Prosecutions

Espionage & Sanctions

  • The U.S. Treasury lifted sanctions on three executives tied to Intellexa and its Predator spyware, reversing 2024 restrictions amid scrutiny over surveillance tools – Intellexa Sanctions

Info-stealers & Malvertising

  • The new ErrTraffic service automates ClickFix social‑engineering attacks using fake browser glitches to deliver stealers and backdoors (e.g., Lumma, Vidar, Cerberus) across platforms – ErrTraffic ClickFix
  • Malicious Zoom Stealer browser extensions are harvesting corporate meeting intelligence from infected users’ browsers – Zoom Stealer
  • Analysis shows how infostealers can turn legitimate businesses into malware hosts, amplifying distribution and persistence – Victim→Vector

Industry & M&A

  • At least 8 cybersecurity acquisitions surpassed the $1 billion mark in 2025, highlighting ongoing market consolidation and investment in security firms – Mega Deals

Cybersecurity News | Daily Recap – hendryadrian.com