Major Vulnerabilities Exposed in AI Cameras and Data Breaches Hit Universities
Major Vulnerabilities Exposed in AI Cameras and Data Breaches Hit Universities
On December 24, 2025, cybersecurity incidents revealed alarming vulnerabilities across various sectors. Notably, over 60 surveillance cameras powered by Flock AI had their live feeds exposed online without authentication. This serious flaw, associated with CVEs CVE-2025-59403 and CVE-2025-59405, enables unauthorized access, despite the vendor's announcement of a cloud fix. Meanwhile, the University of Phoenix suffered a massive data breach impacting approximately 3.5 million individuals, attributed to a zero-day vulnerability in Oracle's E-Business Suite (CVE-2025-61882), with the Clop ransomware group claiming responsibility. Additionally, a breach at 700Credit compromised the personal information of at least 5.6 million individuals due to a flawed API connection. These incidents underscore the critical need for organizations to adopt rigorous security measures and prompt patching protocols.
Also In Security Today
- Fortinet Warning: Fortinet has issued an alert about active exploitation of CVE-2020-12812 in FortiOS SSL VPN, risking bypassing two-factor authentication. Organizations must review their configurations urgently. Read more.
- 700Credit Data Breach: A breach at 700Credit exposed sensitive data of 5.6 million individuals. The company is cooperating with the FBI and offering credit monitoring to those affected. More details.
- Flock AI Camera Vulnerability: With CVE-2025-59403 and CVE-2025-59405, Flock AI's cloud fix is not enough as firmware vulnerabilities persist, highlighting the need for better authentication in surveillance tech. Learn more.
- University of Phoenix Breach: The breach affecting 3.5 million users has raised concerns over Oracle's security protocols, emphasizing the need for robust defenses against such zero-day vulnerabilities. Read the full report.