December 2025 Patch Tuesday: One Critical Zero-Day, Two Publicly Disclosed Vulnerabilities Among 57 CVEs


Overview

On December 2025 Patch Tuesday, a total of 57 Common Vulnerabilities and Exposures (CVEs) were reported, including one critical zero-day vulnerability and two others that have been publicly disclosed. The zero-day is particularly concerning as it is actively exploited, meaning attackers may already be using it to compromise systems. Users and organizations running affected software should prioritize applying the latest patches to mitigate these risks. The vulnerabilities impact various products and systems, highlighting the ongoing need for vigilance in cybersecurity practices. Keeping software updated is essential to defend against potential exploitation.

Key Takeaways

  • Active Exploitation: The zero-day vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Various software products from multiple vendors (specific products not detailed)
  • Action Required: Apply the latest patches released during December 2025 Patch Tuesday.
  • Timeline: Newly disclosed

Exploitation Status

The zero-day vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Coverage

Phishing scam exploits performance review anxiety to deploy malware

SCM feed for Latest

A new phishing campaign is targeting employees by exploiting their anxiety around performance reviews. The attackers are sending emails that impersonate management or HR, claiming to discuss performance evaluations scheduled for October 2025 and falsely hinting at potential layoffs. This tactic aims to create urgency and fear, prompting recipients to click on malicious links or download malware. Companies and employees need to be vigilant, as these scams can lead to data breaches or financial loss. The incident highlights the need for better cybersecurity awareness and training, especially during sensitive times like performance review periods.

Jan 13, 2026

Belgian hospital AZ Monica shuts down servers after cyberattack

BleepingComputer

AZ Monica, a hospital in Belgium, has had to shut down all its servers following a cyberattack that forced the cancellation of scheduled procedures and the transfer of critical patients. The incident raises serious concerns about the impact of cyber threats on healthcare facilities, which are often vulnerable targets. Hospitals rely heavily on their IT systems for patient care, and disruptions can lead to significant risks for patient safety and treatment continuity. This attack not only affects the immediate operations of AZ Monica but also serves as a reminder of the growing threats facing healthcare institutions worldwide. The situation is still developing as the hospital works to assess the damage and restore its systems.

Jan 13, 2026

Long-Running Web Skimming Campaign Steals Credit Cards From Online Checkout Pages

The Hacker News

Researchers have uncovered a significant web skimming campaign that has been stealing credit card information from online checkout pages since January 2022. This attack primarily targets major payment networks, including American Express, Mastercard, and UnionPay, affecting enterprise organizations that use these payment services. The skimming malware is designed to capture sensitive payment information as users enter it during online transactions. As a result, customers of these affected enterprises may be at risk of fraud and identity theft. It’s crucial for businesses to enhance their security measures and for users to monitor their financial statements for any suspicious activity.

Jan 13, 2026

GoBruteforcer Botnet Targeting Crypto, Blockchain Projects

SecurityWeek

The GoBruteforcer botnet is currently targeting cryptocurrency and blockchain projects by exploiting weak passwords and outdated web technologies. Researchers have identified that the botnet spreads through automated server deployments that are poorly secured. This means that many organizations within the crypto space could be at risk, as attackers can gain unauthorized access to their systems. The use of AI in the propagation of this botnet raises concerns about the evolving tactics of cybercriminals, making it crucial for affected companies to strengthen their security measures. As the cryptocurrency sector continues to grow, the potential impact of such attacks could be significant, leading to financial losses and data breaches.

Jan 13, 2026

India tightens crypto regulations to combat financial crime

SCM feed for Latest

India's Financial Intelligence Unit (FIU-IND) has implemented new regulations aimed at tightening oversight of cryptocurrency activities within the country. These guidelines require all crypto businesses catering to Indian users, including those based offshore, to register with the FIU. Additionally, these entities must disclose key details such as their officers, business locations, and ownership structures. This move is part of India's broader effort to combat financial crimes linked to cryptocurrencies, which have been increasingly scrutinized due to their potential for misuse in money laundering and other illicit activities. By enforcing these regulations, the Indian government aims to enhance transparency and accountability in the crypto sector, which could have significant implications for how these businesses operate and for investor protection.

Jan 13, 2026

Hackers claim to sell Target source code after alleged data leak

SCM feed for Latest

Hackers have reportedly leaked parts of Target's internal source code and developer documentation on Gitea, a self-hosted Git service. The threat actor created multiple repositories that allegedly contain sensitive information related to Target's operations. This incident raises significant concerns about the security of Target's systems and the potential misuse of the leaked code. If the claims are verified, it could lead to increased vulnerability for Target and its customers, as attackers may exploit the leaked information to launch further attacks or create malicious software. Companies need to be vigilant about their internal data security to prevent such leaks from occurring.

Jan 13, 2026