H-ISAC TLP Green: Daily Cyber Headlines - December 9, 2025

Today’s Headlines:  

Leading Story

  • Critical WatchGuard Firebox Vulnerabilities Let Attackers Bypass Integrity Checks and Inject Malicious Code

Data Breaches & Data Leaks 

  • Tri-Century Eye Care Ransomware Breach Exposes Data of 200,000 Patients

Cyber Crimes & Incidents

  • Threat Actors Can Leverage Delivery Receipts on WhatsApp and Signal to Extract User Private Information

Vulnerabilities & Exploits  

  • Critical Cal.com Vulnerability Lets Attackers Bypass Authentication via Fake TOTP Codes
  • SVG Clickjacking: A New Web Threat That Bypasses Traditional Defenses

Trends & Reports

  • US Accounts for 44% of Cyber Attacks, Financial Gain Targets Public Administration

Privacy, Legal & Regulatory

  • Portugal Updates Cybercrime Law to Exempt Security Researchers
  • Chrome Builds New (User Alignment Critic) Shield to Protect Gemini-Powered Agentic Browsing

Upcoming Health-ISAC Events

  • Global Monthly Threat Brief   
    • Americas – December 16, 2025, 12:00-01:00 PM ET
    • European – December 17, 2025, 03:00-04:00 PM CET

 

View the detailed report below.

For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:

John Riggi

National Advisor for Cybersecurity and Risk, AHA

jriggi@aha.org

(O) +1 202 626 2272

More on John Riggi
Learn more about AHA's Cybersecurity and Risk Advisory Services

Related Resources

Letter/Comment
AHA Support for Senate Rural Hospital Cybersecurity Enhancement Act
Public
Special Bulletin
Senate Deal Reached to End Government Shutdown
Member
Guides and Reports
Strategies for Cyber Preparedness in Health Care
Advisory
Hospitals That Are Oracle Customers Urged to Take Immediate Action to Address Security Vulnerability
Public
Issue Landing Page
Cybersecurity and Risk Advisory Service
Issue Landing Page
Support for Your Cybersecurity Program