Cyber Brief 26-01 - December 2025

This Cyber Brief compiles December 2025 open‑source reporting on a wide range of active threats: nation‑state APT operations (China‑ and Russia‑linked groups) conducting espionage and infrastructure prepositioning; multiple zero‑day exploitations (Apple WebKit, SonicWall, Oracle) used in targeted intrusions; large supply‑chain and browser/extension campaigns infecting millions of users; widespread phishing, credential‑theft and OAuth abuse campaigns; serious ransomware and disruptive attacks impacting critical services and utilities; and numerous data breaches and exposures across government, telecoms, health and cloud repositories.