H-ISAC TLP Green: Daily Cyber Headlines - December 4, 2025

Today’s Headlines:  

Leading Story

  • Microsoft Quietly Patches Long-Exploited Windows Shortcut (.LNK) Vulnerability

Data Breaches & Data Leaks 

  • University of Phoenix Confirms Data Breach Caused by Zero-day Vulnerability in Oracle E-Business Suite

Cyber Crimes & Incidents

  • Storm-0900 Threat Actors Leveraging Parking Ticket and Medical Test Themes in Massive Phishing Attack

Vulnerabilities & Exploits  

  • An Android 0-Day Vulnerability Exploited in Attacks
  • An Iskra iHUB Vulnerability Allowing Remote Device Reconfiguration

Trends & Reports

  • AI is Lowering the Barrier of Entry to Execute Cyber Attacks
  • ServiceNow Expands into Identity Security with Acquisition of Veza

Privacy, Legal & Regulatory

  • Nevada Governor Signs Bills, Including Cybersecurity Bill, Passed During Special Session into Law

Upcoming Health-ISAC Events

  • Global Monthly Threat Brief   
    • Americas – December 16, 2025, 12:00-01:00 PM ET
    • European – December 17, 2025, 03:00-04:00 PM CET
    • Fall Americas Summit – Carlsbad, California – December 1-5, 2025

View the detailed report below.

For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:

John Riggi

National Advisor for Cybersecurity and Risk, AHA

jriggi@aha.org

(O) +1 202 626 2272

More on John Riggi
Learn more about AHA's Cybersecurity and Risk Advisory Services

Related Resources

Special Bulletin
Senate Deal Reached to End Government Shutdown
Member
Guides and Reports
Strategies for Cyber Preparedness in Health Care
Advisory
Hospitals That Are Oracle Customers Urged to Take Immediate Action to Address Security Vulnerability
Public
Issue Landing Page
Cybersecurity and Risk Advisory Service
Guides and Reports
Cybersecurity and Risk Advisory Services
Standards/Guidelines
Become an AHA Preferred Cybersecurity and Risk Provider
Public