Cyber threats show no signs of slowing down in 2025, with organizations of all sizes facing relentless attacks. From actively exploited zero-days in widely used software to ransomware crippling healthcare facilities, the need for proactive cybersecurity measures has never been greater. This edition of the HopeNet Cyber Recap covers some of the latest threats, vulnerabilities, and security updates you should be aware of. Stay informed and stay secure.
Time for Data Destruction to Become Standard Business Practice
The easiest data to protect, is data you have deleted. Organizations continue to hoard sensitive information longer than necessary, increasing their risk of breaches. Businesses are urged to implement strict data retention policies and proactive deletion practices.
Read more on Dark Reading
Maryland Healthcare Provider Hit by Ransomware Attack
Frederick Health, a major healthcare provider in Maryland, is dealing with the fallout from a ransomware attack that disrupted patient services. This incident highlights the ongoing trend of cybercriminals targeting healthcare institutions due to their critical operations and valuable patient data.
Read more on The Record
Hackers Claim Second Breach of HP Enterprise, Selling Network Access
A threat group claims to have breached HP Enterprise for the second time and is now selling access to its network on the dark web. Unfortunately, too many organizations experience follow up breaches as threat actors test whether past vulnerabilities have been corrected.
Read more on HackRead
Texas County Declares Disaster Following Cyberattack
A cyberattack on a Texas county government was severe enough to prompt a formal disaster declaration. This incident underscores the increasing number of ransomware and cyber incidents affecting local governments, often resulting in operational shutdowns and financial losses.
Read more on The Record
Actively Exploited Fortinet Zero-Day Gives Attackers Super Admin Privileges
A newly discovered zero-day vulnerability in Fortinet products is being actively exploited, allowing attackers to gain super admin privileges. This flaw enables cybercriminals to control compromised networks entirely. Organizations using Fortinet solutions are advised to apply patches and monitor for suspicious activity immediately.
Read more on Dark Reading
TeamViewer Patches High-Severity Vulnerability in Windows Applications
TeamViewer has issued a security update to patch a high-severity vulnerability affecting its Windows applications. Exploiting this flaw could allow attackers to gain unauthorized access to remote systems. Users should update their software immediately.
Read more on SecurityWeek
Apple Releases Emergency Patches for Actively Exploited Zero-Day
Apple has released urgent security updates for iOS, macOS, and iPadOS, addressing a zero-day vulnerability actively exploited by attackers. Users are strongly advised to update their devices immediately to mitigate the risk of compromise.
Read more on The Hacker News
Chrome and Firefox Patch High-Severity Vulnerabilities
Google and Mozilla have released security updates addressing high-severity vulnerabilities in Chrome 133 and Firefox 135. These patches fix critical flaws that could be exploited to execute malicious code on users’ devices. Browser users should update immediately to stay protected.
Read more on SecurityWeek
Cisco Releases Security Advisory for Multiple Vulnerabilities in ISE
Cisco has published a security advisory detailing multiple vulnerabilities affecting its Identity Services Engine (ISE). The flaws could allow attackers to bypass authentication and execute arbitrary commands. Organizations using ISE should apply patches as soon as possible.
Read more on Cisco
Netgear Warns Users to Patch Critical WiFi Router Vulnerabilities
Netgear has issued an urgent advisory warning users to patch critical vulnerabilities affecting its WiFi routers. Exploiting these flaws could allow attackers to take over affected devices remotely. Netgear users should update their firmware immediately to mitigate the risks.
Read more on BleepingComputer
HopeNet reviews a variety of security news sources so you do not have to! This list is curated specifically for churches, nonprofits, and other Organizations of Hope. The headlines and our added comments are meant to provide enough to get an overview of recent happenings, but links are also provided for readers that want to explore certain topics deeper.
If this was shared with you and you would like to receive a copy directly to your email, please sign up for this FREE newsletter at HopeNetCISO.com. Also, check out the Services section of our site for ways we can help! Thanks for reading!