22nd December – Threat Intelligence Report
ID: 2a91e89a-bdb7-5bc6-a5fb-471bda532341
STIX ID: report--2a91e89a-bdb7-5bc6-a5fb-471bda532341
Feed Name: Check Point Research
Executive summary: This bulletin outlines multiple high-impact incidents and trending threats. It covers massive data breaches attributed to extortion groups (Pornhub/Mixpanel, SoundCloud, LKQ, University of Sydney); critical remote code execution vulnerabilities with active exploitation (HPE OneView CVE-2025-37164, WatchGuard CVE-2025-14733, Fortinet authentication bypasses); APT activity by Ink Dragon using ShadowPad and a new FinalDraft backdoor; and malware campaigns such as the Node.js–based GachiLoader. It also highlights recruitment of insiders and a surge in AI-enabled phishing and holiday scams.
