Fortinet FortiGate devices are currently under active attack due to two recently disclosed vulnerabilities, CVE-2025-59718 and CVE-2025-59719, which allow for authentication bypass through malicious single sign-on (SSO) logins. Cybersecurity firm Arctic Wolf reported observing these attacks on December 12, 2025, just days after the vulnerabilities were made public. This situation poses significant risks for organizations using FortiGate appliances, as attackers can potentially gain unauthorized access to sensitive systems. Companies using these devices should take immediate action to protect their networks and data from these ongoing intrusions.
Latest Cybersecurity Threats
SecurityWeek
SoundCloud has confirmed that hackers accessed the personal information of approximately 20% of its user base. The breach raises concerns about the security of user data on the platform, as it affects a significant number of accounts. This incident could lead to potential misuse of the compromised information, such as phishing attacks or identity theft. Users are advised to change their passwords and monitor their accounts for any suspicious activity. SoundCloud's response to the breach will be crucial in restoring user trust and ensuring the security of their systems moving forward.
Infosecurity Magazine
Credit700, a financial services firm in the U.S., has reported a significant data breach affecting approximately 5.8 million individuals. The breach involves sensitive personal information, which could put affected users at risk of identity theft and financial fraud. The company has not disclosed specific details on how the breach occurred or the exact types of data compromised. This incident raises concerns about the security measures in place to protect consumer data and serves as a reminder for users to monitor their financial accounts and consider additional security measures, such as credit monitoring services. As data breaches become more common, it's crucial for both companies and consumers to remain vigilant about data security.
Cybercriminals are currently exploiting two serious authentication bypass vulnerabilities in FortiGate appliances. These flaws allow unauthorized access to systems, putting sensitive data at risk for organizations using these devices. Fortinet has confirmed that these vulnerabilities are being actively exploited in the wild, making it urgent for users to take action. Companies that rely on FortiGate appliances should prioritize applying available patches and updates to protect against potential intrusions. The situation underscores the need for vigilance in maintaining security measures, especially with rapidly evolving threats.
Security Affairs
Hackers linked to a group known as ShinyHunters have launched an extortion attempt against Pornhub following a data breach involving Mixpanel, an analytics platform. The breach exposed the search and viewing history of Premium users, raising serious privacy concerns. The attackers are reportedly demanding a ransom to prevent the release of this sensitive information. This incident not only affects Pornhub's reputation but also puts the personal data of its paying users at risk. As the situation unfolds, it serves as a stark reminder of the vulnerabilities that even major platforms face when it comes to user data protection.
The React2Shell vulnerability is currently being exploited by cybercriminals to install malware on Linux systems. Researchers from Palo Alto Networks and NTT Security have identified that this vulnerability facilitates the deployment of malicious tools like KSwapDoor and ZnDoor. KSwapDoor is particularly concerning as it is a sophisticated remote access tool designed to operate stealthily, allowing attackers to maintain control over compromised systems without detection. This ongoing threat affects organizations running vulnerable Linux environments, making it crucial for them to take immediate action to secure their systems. Users need to be aware of the risks and ensure their defenses are updated to mitigate potential attacks.
Help Net Security
Phishing remains a common tactic for cyber attackers, making user training essential for defense. Researchers at the University of Bari conducted studies with 480 participants to evaluate the effectiveness of using AI-generated content for phishing awareness training. The results indicated that training using large language models (LLMs) improved participants' ability to identify suspicious emails. This suggests that integrating AI into training programs could enhance users' resilience against phishing attacks, which is crucial as these tactics continue to evolve. By equipping users with better training, organizations can potentially reduce their vulnerability to these types of cyber threats.
Security Affairs
The French Interior Ministry has confirmed that its email servers were breached in a cyberattack. Interior Minister Laurent Nunez announced that the attack was detected overnight between December 11 and 12. While details about the specific nature of the attack have not been disclosed, it has raised concerns about the security of sensitive government communications. This incident highlights the ongoing threats faced by government entities and the need for robust cybersecurity measures to protect vital information. The implications of such breaches can be significant, potentially affecting national security and public trust in governmental operations.
Askul Corporation, a major Japanese e-commerce company, reported a ransomware attack by the hacker group RansomHouse, resulting in the theft of approximately 740,000 customer records. The breach, which occurred in October, raises significant concerns about the security of customer data and the potential for identity theft or fraud. Askul has not disclosed the specific types of information taken, but the volume of records suggests that sensitive personal information may be involved. This incident highlights the ongoing challenges faced by companies in protecting consumer data against increasingly sophisticated cyber threats. Customers of Askul should remain vigilant and monitor their accounts for any suspicious activity.
AI technology is increasingly being used in the legal sector, but it's also leading to significant challenges. Reports indicate that AI-generated disinformation and deepfakes are creating chaos in courtrooms, undermining the integrity of legal proceedings. This misuse of technology can result in wrongful convictions and erode trust in the judicial system. Legal professionals are grappling with how to address these issues, which are becoming more prevalent as AI tools evolve. The implications of AI misapplication in legal contexts could have lasting effects on justice and accountability.
BleepingComputer
SoundCloud is currently facing an issue where users trying to access the audio streaming platform via a VPN are encountering a 403 'forbidden' error. This error prevents users from reaching the service, which can be particularly frustrating for those relying on VPNs for privacy or to bypass geo-restrictions. The problem is affecting a significant number of users, although SoundCloud has not yet provided a clear explanation or timeline for a fix. This situation raises concerns about user access and the effectiveness of VPNs when it comes to streaming services, as it highlights potential limitations in using these tools for privacy. As the issue persists, users may need to consider alternative methods to access SoundCloud or wait for an official resolution from the platform.
Militant groups are increasingly turning to artificial intelligence to enhance their operations, particularly in spreading propaganda and creating deepfakes. This trend raises concerns about their ability to reach wider audiences and manipulate public perception more effectively. By automating content production, these groups can generate misleading information at scale, which could undermine trust in media and influence vulnerable populations. As the technology becomes more accessible, the potential for misuse grows, posing a significant challenge for governments and security agencies tasked with countering extremist narratives. It’s crucial for society to remain vigilant about the implications of AI in the hands of those with harmful intentions.
Infosecurity Magazine
A recent phishing campaign has been discovered that spreads the Phantom information-stealing malware through ISO file attachments. Attackers are targeting users by disguising these malicious files as legitimate content, tricking them into opening the files and executing the malware. Once installed, Phantom can collect sensitive information, including login credentials and personal data. This campaign poses a significant risk to individuals and organizations, as it can lead to data breaches and identity theft. Users should be cautious when receiving unsolicited emails with attachments, especially ISO files, and ensure their security software is up to date.
A new version of the VolkLocker ransomware, operated by the pro-Russia group CyberVolk, has emerged with notable enhancements but also a significant vulnerability. Researchers discovered that the latest iteration allows victims to decrypt their own files without having to pay a ransom. This flaw undermines the effectiveness of the ransomware, potentially reducing the financial incentive for the attackers. Organizations targeted by this ransomware may find some relief, as they can regain access to their files independently. However, the situation remains concerning as the group continues to evolve its tactics. The presence of such vulnerabilities raises questions about the security measures businesses have in place against ransomware attacks.
BleepingComputer
Google's threat intelligence team has identified five additional Chinese hacking groups involved in exploiting the React2Shell vulnerability, which allows for remote code execution. This vulnerability is considered highly severe, making it a significant risk for affected systems. The groups are believed to be using this exploit to target various organizations, potentially compromising sensitive data and disrupting operations. The identification of these groups emphasizes the ongoing threat posed by state-sponsored hackers and the need for organizations to bolster their defenses against such attacks. Companies that utilize affected software should take immediate action to mitigate risks associated with this vulnerability.