December Cybersecurity News Digest

Check the highlights from the cybersecurity world for the last month of 2025!

1. Cybersecurity breach confirmed by the European Space Agency

The European Space Agency (ESA) has disclosed a cybersecurity breach affecting a few external servers, which points to a weakness within the organisation. Few details about the breach, including the attack method and any data compromised, are available. The servers in question operate outside ESA's main defences and are likely managed by third-party collaborators for research purposes. Although unclassified, these servers may contain sensitive data that could benefit adversaries targeting space infrastructure.

Despite the breach, ESA has reported no disruptions to its main operations, including upcoming launches and telescope data processing. The situation emphasises the importance of implementing zero-trust architectures in network security. 

2. Hacked Trust Wallet Chrome extension steals over $7 million from users on Christmas Eve

Trust Wallet experienced a significant security breach affecting version 2.68.0 of its Chrome browser extension, leading to the theft of over $7 million from users' wallets on December 24, 2025.

Desktop users were impacted as the attack involved a malicious JavaScript file that exfiltrated sensitive wallet data when users imported their seed phrases. The attackers also employed phishing tactics through fake vulnerability fix sites to lure users into revealing their information.

Trust Wallet confirmed the breach on December 25, isolated it to the compromised version, and advised users to disable it and update to version 2.69 for safety. The company promised full refunds to affected users and cautioned against unofficial communications.

This incident highlights supply-chain risks and emphasises the need for users to be vigilant about wallet security and updates. Cybersecurity specialists advise creating new wallets to replace any whose seed phrases may have been compromised.

3. Massive scrape of Spotify by hacktivist shadow library group

Anna’s Archive, a shadow library, has scraped Spotify, releasing a torrent collection of approximately 86 million audio tracks and metadata for 256 million songs. They claim it is the first open "preservation archive" for music, housing nearly 300 terabytes of data and covering 99.9% of Spotify’s catalogue.

The release is being distributed in stages via BitTorrent, with the group urging the public to seed the torrents for protection against “natural disasters, wars, and budget cuts.” This initiative is framed as a cultural preservation project but constitutes a significant breach of Spotify’s terms of service.

4. Adobe releases critical security updates for Acrobat and Reader

Adobe has released critical security updates for Acrobat and Reader to address multiple vulnerabilities that could allow arbitrary code execution. The updates, detailed in security bulletin APSB25-119 on December 9, 2025, have a priority rating of 3 and affect both Windows and macOS. Key issues include two critical flaws related to untrusted search paths and out-of-bounds read errors.

Affected products include Acrobat DC, Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020. Users are urged to update to the latest versions: Acrobat DC and Reader DC 25.001.20997, Acrobat 2024 versions 24.001.30307 (Windows) and 24.001.30308 (macOS), and Acrobat 2020 version 20.005.30838.

Currently, there are no known exploits targeting these vulnerabilities, but immediate patching is recommended due to their critical nature.

5. A zero-click flaw in Gemini allows hackers to steal your Gmail, Calendar and Google Docs data

A zero-click vulnerability named GeminiJack was discovered in Google Gemini Enterprise and Vertex AI Search, allowing attackers to steal sensitive data from Gmail, Calendar, and Docs without any user interaction. The architectural flaw lay in how the AI processes shared content, which let attacks bypass traditional security measures such as data loss prevention (DLP) and endpoint protection tools.

Attackers could share malicious Google Docs, Calendar invites, or emails with hidden prompt injections to trick the AI into querying sensitive information. The attack could lead to significant data leaks, including years of emails, confidential calendars, and entire document repositories.

Google promptly addressed the issue by separating Vertex AI Search from Gemini and patching the vulnerabilities. The incident highlights growing risks associated with AI technologies, suggesting that organisations must reassess trust boundaries, monitor AI pipelines, and manage data sources more carefully.

6. Microsoft December 2025 Patch Tuesday

Microsoft's December 2025 Patch Tuesday addresses 56 vulnerabilities, including three zero-day vulnerabilities, one of which is being actively exploited. The security update covers a wide range of products and services, including Windows, Office, Exchange Server, Hyper-V, Azure Monitor Agent, and PowerShell, as well as third-party tools such as GitHub Copilot for JetBrains. Users are urged to update their software immediately.

7. Another Cloudflare outage weeks after the major November incident

On December 5, Cloudflare went down for about 30–40 minutes, affecting up to 20% of websites globally. Big names like Zoom, LinkedIn, Shopify, X, Spotify, and Canva showed 500 Internal Server Errors. The outage was caused by a change to Cloudflare's Web Application Firewall that was meant to fix a vulnerability.

This incident follows a previous major outage on November 18, highlighting the fragility of reliance on a few providers.

This is yet another wake-up call that resilience isn’t just a buzzword. It means diversifying your tech stack, building redundancy, and keeping control of your data. Relying on one provider is like putting all your eggs in one basket – and then handing the basket to someone else.

The European AI-driven security and web infrastructure company, Blackwall, can be a great alternative in situations like that. Engineered by engineers for engineers, Blackwall provides protection against threats, AI-enabled traffic management, and resilience for various digital services that will help you stay secure and independent.

Hope your systems will stay safe in 2026! If you need help, contact us for expert advice! 
