RadioCSIRT – Your Cyber Security News for Sunday, December 14, 2025 (Ep.50) episode artwork

EPISODE · Dec 14, 2025 · 8 MIN

RadioCSIRT – Your Cyber Security News for Sunday, December 14, 2025 (Ep.50)

from RadioCSIRT - English Edition · host Marc Frédéric GOMEZ

Welcome to your daily cybersecurity podcast.Apple and Google rush to fix actively exploited Zero-Day flaws. CISA has added CVE-2025-14174 to its KEV catalog, flagging a critical memory corruption vulnerability in the Chromium engine that affects Chrome, Edge, and Brave. Simultaneously, Apple has deployed patches for this same flaw alongside CVE-2025-43529, a WebKit Use-After-Free bug. Discovered by Google's Threat Analysis Group, these vulnerabilities are currently leveraged in "extremely sophisticated" attacks allowing Remote Code Execution (RCE) on iPhones, iPads, and macOS devices via malicious web content. Updating to iOS 26.2 and the latest browser versions is mandatory to break this infection chain.CERT-FR issues a massive alert regarding the Ubuntu Linux kernel. The security advisory covers a wide array of vulnerabilities impacting every supported version, from LTS 18.04 up to intermediate releases like 25.10. These kernel-level flaws allow attackers to trigger remote Denial of Service and bypass security policies, posing a severe threat to process isolation and container environments. System administrators must not only apply the listed USN patches but must imperatively schedule production reboots to ensure the new kernel image is actually loaded into memory.A historic data leak exposes 4.3 billion professional records. Researchers have discovered an unsecured 16-terabyte MongoDB database left open to the public, containing detailed profiles likely aggregated from LinkedIn and Apollo.io. The dataset includes names, emails, phone numbers, and career histories, creating the ultimate weapon for AI-assisted social engineering. Although secured on November 25th, this exposure provides cybercriminals with the context needed to automate large-scale Spear-Phishing and Business Email Compromise (BEC) campaigns targeting Fortune 500 employees.President Trump signs an Executive Order establishing a deregulated national framework for AI. The order effectively bans states from enacting their own regulations, threatening to withhold federal funding from jurisdictions enforcing laws deemed "onerous," such as Colorado’s algorithmic bias statutes. For CISOs and GRC teams, this eliminates external legal guardrails and shifts the entire burden of model safety and ethics onto internal controls, creating an environment that prioritizes rapid innovation over safety compliance.Don't think, just patch!Sources:Apple: https://www.bleepingcomputer.com/news/security/apple-fixes-two-zero-day-flaws-exploited-in-sophisticated-attacks/CISA : https://www.cisa.gov/news-events/alerts/2025/12/12/cisa-adds-one-known-exploited-vulnerability-catalog-0CERT-FR: https://www.cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-1106/Data Breach: https://securityaffairs.com/185661/data-breach/experts-found-an-unsecured-16tb-database-containing-4-3b-professional-records.htmlAI Regulation: https://therecord.media/trump-executive-order-ai-national-frameworkYour feedback is welcome.Email: [email protected]: https://www.radiocsirt.comWeekly Newsletter: https://radiocsirtintl.substack.com

NOW PLAYING

RadioCSIRT – Your Cyber Security News for Sunday, December 14, 2025 (Ep.50)

0:00 8:08

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Al-Quran In English Dr. Soha The complete Quran translation in English, Narrated by Dr. Soha. Hosted on Acast. See acast.com/privacy for more information. The Hobbit by J. R. R. Tolkien Audiobook Raghvendra Singh The journey through Middle-earth begins here with J.R.R. Tolkien's classic prelude to his Lord of the Rings trilogy.“A glorious account of a magnificent adventure, filled with suspense and seasoned with a quiet humor that is irresistible... All those, young or old, who love a fine adventurous tale, beautifully told, will take The Hobbit to their hearts.”—The New York Times Book Review"In a hole in the ground there lived a hobbit." So begins one of the most beloved and delightful tales in the English language—Tolkien's prelude to The Lord of the Rings. Set in the imaginary world of Middle-earth, at once a classic myth and a modern fairy tale, The Hobbit is one of literature's most enduring and well-loved novels.Bilbo Baggins is a hobbit who enjoys a comfortable, unambitious life, rarely traveling any farther than his pantry or cellar. But his contentment is disturbed when the wizard Gandalf and a company of dwarves arrive on his doorstep one day to whisk him away CLO Level 3 Lessons Chinese Learn Online (CLO) Learn Mandarin Chinese with our unique structured immersion course. Each lesson continues where the previous one left off. Level 1 lessons are conducted mainly in English. Later levels in the course will be conducted in Chinese that was taught in earlier levels. Learn English with the British Council and Premier League Jack Radford

Frequently Asked Questions

How long is this episode of RadioCSIRT - English Edition?

This episode is 8 minutes long.

When was this RadioCSIRT - English Edition episode published?

This episode was published on December 14, 2025.

What is this episode about?

Welcome to your daily cybersecurity podcast.Apple and Google rush to fix actively exploited Zero-Day flaws. CISA has added CVE-2025-14174 to its KEV catalog, flagging a critical memory corruption vulnerability in the Chromium engine that affects...

Can I download this RadioCSIRT - English Edition episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!