Major Data Breaches
Coupang Data Breach: 33.7 Million Accounts Exposed
South Korean e-commerce giant Coupang suffered a massive data breach, impacting nearly 34 million customer accounts. This incident stands as one of the largest breaches in the region, with the company confirming the exposure of sensitive customer data. The breach has raised significant concerns about data protection standards in the e-commerce sector and the potential for follow-on fraud or identity theft targeting affected users [1].
Significant Cyberattacks
Microsoft SharePoint Servers Under Widespread Attack
A major ongoing cyberattack campaign targeted on-premises Microsoft SharePoint servers, exploiting newly discovered vulnerabilities. The attacks, referred to as “ToolShell” compromises, have been linked to China-based threat actors, though a variety of groups are believed to be exploiting the flaws. Microsoft has released patches for all affected SharePoint versions, but researchers warn that attackers will likely continue to operationalize these vulnerabilities for months. The campaign has affected both companies and government agencies, with the U.S. Treasury Department reporting a significant breach attributed to a China state-sponsored APT actor. Other notable attacks during this period included ransomware incidents and exploitation of Ivanti VPN devices [2].
Surge in Advanced Digital Fraud
Advanced fraud attacks surged by 180% in 2025, with cybercriminals leveraging generative AI to create convincing fake IDs, deepfakes, and autonomous bots. These sophisticated tactics have enabled large-scale digital fraud, challenging traditional security controls and detection mechanisms [3].
Critical Vulnerabilities
Microsoft SharePoint Vulnerabilities
The vulnerabilities in Microsoft SharePoint servers, which enabled the “ToolShell” attacks, were significant enough to prompt immediate patch releases from Microsoft. Security experts emphasize that these vulnerabilities will remain a target for attackers, and organizations are urged to apply patches without delay [2].
Oracle Identity Manager Critical Flaw
A critical flaw in Oracle Identity Manager was reported as being actively exploited. This vulnerability poses a high risk to organizations using the platform, as attackers can leverage it for unauthorized access and potential data exfiltration [3].
Government Responses
India Mandates Pre-Installed Cybersecurity App
India’s telecommunications ministry ordered all major mobile device manufacturers to preload the government-backed Sanchar Saathi cybersecurity app on new phones within 90 days. The app, which cannot be deleted or disabled, allows users to report fraud, spam, and malicious links, block stolen handsets, and check for unauthorized mobile connections. This move is aimed at combating telecom fraud and improving consumer protection, especially against international scam calls disguised as domestic traffic [4].
U.S. Treasury Department Discloses China-Linked Breach
The U.S. Treasury Department disclosed a major cybersecurity incident attributed to a China state-sponsored APT actor. The breach, which compromised multiple offices, was linked to the exploitation of a remote support tool and highlights the ongoing threat posed by nation-state actors targeting government infrastructure [2].
Additional Cybersecurity News
Browser Extension Spyware Campaign
A threat actor known as ShadyPanda was linked to a long-running browser extension campaign, which turned popular extensions into spyware. These extensions, with over 4.3 million installs, were used to exfiltrate browsing history and collect browser fingerprints. The campaign demonstrates the risks associated with third-party browser add-ons, even those previously verified by major platforms [4].
Salesforce Customers Hacked via Gainsight
Salesforce customers experienced another wave of attacks, this time through the Gainsight platform. The incident underscores the persistent risk of supply chain attacks and the need for robust third-party risk management [3].
Summary
The week of November 25 to December 1, 2025, was marked by a series of high-impact data breaches, sophisticated cyberattacks exploiting critical vulnerabilities, and significant government interventions aimed at improving cybersecurity resilience. Organizations are urged to remain vigilant, prioritize patch management, and enhance monitoring of third-party platforms to mitigate evolving threats [4][2][1][3].
Sources:
- Coupang Data Breach Coverage
- Microsoft SharePoint Attacks and U.S. Treasury Breach
- Advanced Digital Fraud and Oracle Flaw
- India Cybersecurity App and Browser Extension Campaign

1: (Direct source URL for Coupang breach)
2: (Direct source URL for Microsoft SharePoint attacks and U.S. Treasury breach)
3: (Direct source URL for advanced digital fraud and Oracle flaw)
4: (Direct source URL for India cybersecurity app and browser extension campaign)
