Security briefing: December 2025

December 2025 security roundup: critical unauthenticated RCE in React Server Components (React2Shell CVE-2025-55182) with public PoC, widespread MongoDB memory-leak data exposure (MongoBleed CVE-2025-14847) actively exploited, BRICKSTORM backdoor linked to China-state actors targeting Linux cloud environments, EtherRAT multi-stage campaign leveraging Ethereum smart contracts for C2, an ESA source-code/data breach, and disruptive DDoS activity — the report provides IOCs, detection guidance, and urges patching, monitoring, and resilience measures.