**Week in Review: December 16-22, 2025**
As we wrap up another busy week in cybersecurity, let's take a look at some of the most interesting news stories, articles, interviews, and videos that caught our attention.
**Exploited Zero-Day Vulnerability Discovered in Cisco Email Security Appliances**
A suspected Chinese-nexus threat group has been exploiting a zero-day vulnerability in Cisco email security appliances since late November 2025. The vulnerability allows attackers to bypass authentication and plant backdoors on affected devices. Cisco Talos researchers have shared their findings, urging customers to apply the provided hotfix.
**Kali Linux 2025.4 Released with New Tools and Quality-of-Life Improvements**
OffSec has released Kali Linux 2025.4, a new version of its widely used penetration testing and digital forensics platform. The update includes several new tools and quality-of-life improvements to enhance user experience.
**Attackers Exploiting Auth Bypass Vulnerability on FortiGate Firewalls**
Arctic Wolf researchers have warned that attackers are exploiting a recently revealed vulnerability (CVE-2025-59718) to bypass authentication on Fortinet's FortiGate firewalls. The attackers are using the access they gain to export system configuration files.
**SonicWall Zero-Day Patched After Exploitation**
SonicWall has patched a local privilege escalation vulnerability (CVE-2025-40602) affecting its Secure Mobile Access (SMA) 1000 appliances. The flaw was exploited by attackers, prompting the company to urge customers to apply the provided hotfix.
**Other Notable News Stories:**
* **SoundCloud Breached and Hit by DoS Attacks**: Audio streaming service SoundCloud has suffered a breach and has been repeatedly hit by denial of service attacks.
* **European Police Busts Ukraine Scam Call Centers**: Law enforcement agencies from several European countries have arrested twelve persons suspected of being involved in scamming victims across Europe.
* **Microsoft 365 Users Targeted in Device Code Phishing Attacks**: Attackers are targeting Microsoft 365 users with device code authorization phishing, a technique that fools users into approving access tokens.
**Interviews and Videos:**
* **Ro's CISO on Managing Data Flows in Telehealth**: In this Help Net Security interview, Scott Bachand, CIO/CISO at Ro, discusses how telehealth reshapes the flow of patient data and what that means for security.
* **Why Vulnerability Reports Stall Inside Shared Hosting Companies**: A new qualitative study digs into what happens after vulnerability reports arrive and explains why remediation so often stops short.
* **How Exposure Management Changes Cyber Defense**: In this Help Net Security video, Larry Slusser, VP of Strategy at SixMap, explains why endpoint detection and response is only part of the security story.
**Research and Reports:**
* **Kali Linux 2025.4 Released with New Tools and Quality-of-Life Improvements**
* **New InfoSec Products of the Week: December 19, 2025**: Featuring releases from Apiiro, Astra Security, Push Security, Trellix, and XM Cyber.
**Cybersecurity Jobs Available Right Now:**
* **Check out this weekly selection of cybersecurity jobs available right now**, featuring roles that span various skill levels within the cybersecurity field.