Major Data Breaches and Vulnerabilities Dominate Cybersecurity News Today
Major Data Breaches and Vulnerabilities Dominate Cybersecurity News Today
On December 30, 2025, the cybersecurity landscape was rocked by multiple high-profile breaches and a critical vulnerability exploit. The University of Phoenix suffered a devastating data breach affecting approximately 3.5 million individuals, attributed to the Clop ransomware group. This incident exploited a vulnerability in Oracle's E-Business Suite, compromising sensitive data such as Social Security numbers and bank account details. Notifications began after the breach was discovered in November, raising serious concerns about data protection practices. Furthermore, a critical memory leak vulnerability in MongoDB (CVE-2025-14847) was actively exploited, allowing unauthenticated attackers to access sensitive information. This high-risk flaw, with a CVSS score of 8.7, affects MongoDB Server versions 3.6 through 8.x, emphasizing the urgent need for patching to prevent unauthorized access.
Also In Security Today
- Coupang Data Compromise: South Korea's Coupang revealed a breach affecting 33.7 million users, with data protection practices under scrutiny. The company plans to compensate affected users with $1 billion, but responses have been criticized as insufficient.
- European Space Agency Breach: The ESA confirmed unauthorized access to around 200 gigabytes of unclassified data, highlighting ongoing cybersecurity risks in public organizations.
- Ongoing Exploitation of CVE-2025-14847: The critical vulnerability in MongoDB is being actively exploited, with exploit code publicly available. Organizations using vulnerable versions are urged to patch immediately to mitigate risks.