CISA has released two new ICS advisories on December 30, 2025. These advisories address vulnerabilities in WHILL C2 Wheelchairs and AzeoTech DAQFactory, providing critical information on current security issues and exploits.

Apple has addressed a zero-day vulnerability, CVE-2026-20700, in its Dynamic Link Editor (dyld), which was exploited in highly sophisticated attacks targeting specific individuals. This marks the first zero-day fix in 2026.

A significant data breach at ApolloMD, a Georgia-based healthcare provider, occurred between May 22 and May 23, 2025, compromising the sensitive information of 626,540 individuals. The breach was executed by the Qilin ransomware gang.

A significant data breach at Conduent has impacted over 25 million individuals, including 17,000 employees of Volvo Group North America. The breach exposed sensitive personal data, making it one of the largest breaches in recent history.

The Crazy ransomware gang is exploiting legitimate employee monitoring software and the SimpleHelp remote support tool to maintain persistence in corporate networks, evade detection, and prepare for ransomware deployment.

The "AgreeToSteal" attack marks the first known instance of a malicious Microsoft Outlook add-in in the wild, exploiting the abandoned "AgreeTo" add-in to steal over 4,000 Microsoft credentials.

The phishing campaign began in December 2025, initially targeting 504 organizations primarily in the financial services and consulting sectors as part of a testing phase.

ZeroDayRAT is a sophisticated mobile spyware platform targeting Android and iOS devices, offering cybercriminals full remote control. It poses significant risks to both individuals and enterprises

A cyber incident in Poland's energy sector targeted OT and ICS systems, affecting renewable energy plants, a combined heat and power plant, and a manufacturing company. The attack exploited vulnerable edge devices.

North Korean hackers, identified as UNC1069, targeted a cryptocurrency executive using a fake Zoom meeting and ClickFix scam. The attack aimed to enable cryptocurrency theft and fuel future social engineering campaigns.