
Loading summary
A
From the CISO series, it's Cybersecurity Headlines.
B
These are the cybersecurity headlines for Monday, December 15, 2025. I'm Steve Prentiss.
C
16 terabyte MongoDB database exposes nearly 4.3.
B
Billion professional records the data discovered by.
C
Researchers at Nexus AI was discovered on November 23 and secured two days later. Consisting of mainly LinkedIn style data, the researchers suggest it would be useful in enabling large scale AI driven social engineering attacks. Although it is difficult to determine the age of the LinkedIn data, many records were collected or updated in 2025, but some may have been scraped from LinkedIn.
B
Leaks that occurred in 2021. Apple posts updates after discovery of WebKit flaws the two security updates are for iOS, iPad, OS, Mac OS, TVOS, WatchOS.
C
Vision OS and the Safari web browser. And the two security flaws, both with.
B
CVE numbers and one of which was patched by Google and Chrome last week.
C
May have been exploited in an extremely sophisticated attack against specific targeted individuals on.
B
Versions of iOS before iOS 26, says Apple.
C
Teams at Apple and Google have deduced that the vulnerabilities were likely weaponized in highly targeted mercenary spyware attacks, given that.
B
They both affect webkit.
C
Coupang data breach.
B
Traced to X employee following up on.
C
A story we have been covering all this month, the Seoul Metropolitan Police Agency now says the data breach at South Korean retailer Coupang that exposed the information of 33.7 million customers has been attributed to a former employee who retained access.
B
To internal systems after leaving the company last Wednesday.
C
As we reported, the company's CEO, Park Dae Jun, announced his resignation and apologized.
B
To the public for failing to stop.
C
What is the country's worst cybersecurity breach in its history. The Suspect is a 43 year old Chinese national who joined Coupang in November 2022, was assigned to an authentication management system and left the firm in 2024.
B
He is believed to have already left the country.
C
Mitre shares 2025's top 25 most dangerous.
B
Software weaknesses released in collaboration with the.
C
Homeland Security Systems Engineering and Development Institute and CISA. The list contains 25 of the most dangerous software weaknesses behind more than 39,000.
B
Security vulnerabilities disclosed between June 2024 and and June 2025.
C
Topping the list is Cross Site Scripting followed by SQL Injection, Cross Site request, forgery, missing authorization and out of bounds rights, with new entries this year being variations on buffer overflows. A link to the full list is.
B
Available in the show Notes to this episode.
C
Huge thanks to our sponsor Adaptive Security this episode is brought to you by adaptive security, the first cybersecurity backed by OpenAI. Deep fakes aren't science fiction anymore, they are a daily threat.
B
Here's a quick tip.
C
If your voicemail greeting is your real voice, switch it to the default robot voice. A few seconds of audio can be enough to clone you. Adaptive helps teams spot and stop these AI powered social engineering attacks and you can learn more@adaptivesecurity.com that is adaptive security one word. Germany summons Russia's ambassador over alleged air.
B
Traffic control cyber attacks this action was.
C
Taken after a formal accusation against Moscow.
B
Of the cyber attacks against Germany's Air.
C
Traffic Control Authority in August, along with a disinformation campaign ahead of February's election. The German government stated it has clear evidence linking the air traffic control attack to the Russian Nexus Group APT28, also known as Fancy Bear, a Russia based disinformation campaign tracked as Storm 1516, was also accused of the election interference attack. This group has also been active in other divisive campaigns in Europe as well.
B
AS in the U.S. hamas affiliated APT targeting Middle east and Morocco A group.
C
Allegedly affiliated with the Palestinian organization Hamas is accused of using malware laden documents to breach government and diplomatic entities tied to Oman, Morocco and the Palestinian Authority. This is according to Palo Alto Networks Unit 42, which issued a report on Thursday about a group called Ashen Lepus that is a s h e n.
B
And then L e p u s.
C
The group is allegedly using a new strain of information stealing malware called Ashtag, Canada's privacy regulator to probe face scanning billboards. The probe focuses on billboards located near Toronto's largest train and subway station, Union Station, which allegedly analyzes the age and.
B
Genders of passersby owned by the movie.
C
And media company Cineplex Digital Media. They use cameras, large databases and in some cases artificial intelligence to survey people in public. CDM has reportedly said that no personal data or images are kept and that the billboards process data within milliseconds. US Sues Ex Accenture manager overarmy Cloud Platform the US Is suing a former senior manager at Accenture for allegedly misleading the government about the security of an army cloud platform. In a court action, the United States of America vs. Daniel Hilmer, the US alleges that between March 2020 and November 2021, Hilmer obstructed federal auditors and falsely represented the security of the company's cloud platform, which was used by other government.
B
Customers beyond the army.
C
The defendant, Hilmer, claimed to work for Big four consulting firm Accenture during the stated timeline.
B
According to a now deleted LinkedIn account.
C
The platform in question is described as a non appropriated fund integrated financial management system, a cloud based payroll, pension and benefits system. According to the indictment, Helmer made efforts to represent the NIFMS platform as having enabled security controls that met the Fed ramp high basis baseline and the Department of defense's impact levels 4 and 5.
B
Which are now being described as falsehoods.
C
If you enjoy CISO Series events, why not put them on your calendar? Did you know you can subscribe to everything we've got going on over on our events page@cisoseries.com head on over there, subscribe to the whole calendar and you will know when we're going live with the Department of no Super Cyber Friday and all our live in person events. And if you have some thoughts on the news from today or about this show in general, please be sure to.
B
Reach out to us@feedbackisoseries.com we'd love to hear from you. I'm Steve Prentice reporting for the CISO Series.
A
Cybersecurity headlines are available every weekday. Head to cisoseries.com for the full stories behind the headlines.
C
It.
Podcast: Cyber Security Headlines
Host: Steve Prentiss (CISO Series)
Episode Title: MongoDB records exposed, Apple WebKit patches, Coupang culprit identified
Date: December 15, 2025
This episode covers top stories from the world of cybersecurity, including a massive MongoDB data leak affecting billions of professional records, Apple and Google’s response to serious WebKit vulnerabilities, attribution of the high-profile Coupang breach, the release of MITRE’s Top 25 software weaknesses for 2025, geopolitical cyber incidents in Germany and the Middle East, privacy concerns over Canadian face-scanning billboards, and a legal move against a former Accenture manager accused of misleading the US government regarding cloud security compliance.
“Researchers suggest it would be useful in enabling large scale AI driven social engineering attacks.” ([00:30])
“Teams at Apple and Google have deduced that the vulnerabilities were likely weaponized in highly targeted mercenary spyware attacks.” ([01:23])
“The company’s CEO, Park Dae Jun, announced his resignation and apologized to the public for failing to stop what is the country’s worst cybersecurity breach in its history.” ([02:03])
“Topping the list is Cross Site Scripting followed by SQL Injection, Cross Site request, forgery, missing authorization and out of bounds rights, with new entries this year being variations on buffer overflows.” ([02:49])
“The German government stated it has clear evidence linking the air traffic control attack to the Russian Nexus Group APT28, also known as Fancy Bear…” ([04:03])
“A group called Ashen Lepus… is allegedly using a new strain of information stealing malware called Ashtag.” ([05:01])
“They use cameras, large databases and in some cases artificial intelligence to survey people in public.” ([05:26])
“[The] platform in question is described as a non appropriated fund integrated financial management system… efforts to represent the NIFMS platform as having enabled security controls that met the Fed ramp high basis baseline and the Department of defense’s impact levels 4 and 5…” ([06:29])
This episode delivers a brisk, fact-driven look at major cybersecurity incidents and regulatory actions from around the globe. The breadth of stories—from data leaks to government espionage and privacy regulation—underscores the complex and fast-changing landscape CISOs and security professionals must navigate.
For deeper dives on any story, listeners are directed to CISOseries.com.