2025 was a big year for cybersecurity, with major cyberattacks, data breaches, threat groups reaching new notoriety levels, and, of course, zero-day vulnerabilities exploited in incidents.
Some stories, though, were more impactful or popular with our readers than others.
Below are fifteen of what BleepingComputer believes are the most impactful cybersecurity topics of 2025, with a summary of each. These stories are in no particular order.
A fourth wave of the “GlassWorm” campaign is targeting macOS developers with malicious VSCode/OpenVSX extensions that deliver trojanized versions of crypto wallet applications.
Extensions in the OpenVSX registry and the Microsoft Visual Studio Marketplace expand the capabilities of a VS Code-compatible editor by adding features and productivity enhancements in the form of development tools, language support, or themes.
The Microsoft marketplace is the official extension store for Visual Studio Code, whereas OpenVSX serves as an open, vendor-neutral alternative, primarily used by editors that do not support or choose not to rely on Microsoft’s proprietary marketplace.
The Covenant Health organization has revised to nearly 500,000 the number of individuals affected by a data breach discovered last May.
The healthcare entity initially reported in July that the data of 7,864 people had been exposed, but further analysis has revealed a larger impact.
After completing “the bulk of its data analysis,” Covenant Health now says that 478,188 individuals were affected.
Over 10,000 Fortinet firewalls are still exposed online and vulnerable to ongoing attacks exploiting a five-year-old critical two-factor authentication (2FA) bypass vulnerability.
Fortinet released FortiOS versions 6.4.1, 6.2.4, and 6.0.10 in July 2020 to address this flaw (tracked as CVE-2020–12812) and advised admins who couldn’t immediately patch to turn off username-case-sensitivity to block 2FA bypass attempts targeting their devices.
This improper authentication security flaw (rated 9.8÷10 in severity) was found in FortiGate SSL VPN and allows attackers to log in to unpatched firewalls without being prompted for the second factor of authentication (FortiToken) when the username’s case is changed.
The amygdala consists of nuclei which can be grouped into (i) the basolateral nuclear group (BLA), (ii) the superficial cortex-like laminated region (sCLR) which contains the cortical nuclei (Co), and (iii) the centromedial nuclear group.1 The BLA consists of the lateral nucleus (LA) and basal nucleus (BA). In turn, the BA consists of the basolateral nucleus and the basomedial nucleus. The centromedial nuclear group consists of the central nucleus (Ce), medial nucleus (Me), and intercalate cell mass (IC). In turn, Ce consists of a lateral (CeL) subdivision and a medial (CeM) subdivision. The centromedial nuclear group (Ce, Me, and IC) along with the bed nucleus of the stria terminalis (BNST) and sublenticular substantia innominata together comprise the centromedial extended amygdala.
The cellular composition of the BLA nuclei and the sCLR’s Co nuclei resembles that of the cerebral cortex in that the majority of the neurons are pyramidal-like glutamatergic cells while the rest are local GABAergic inhibitory interneurons.1 The inhibitory interneurons include parvalbumin-containing neurons which mainly synapse on the soma and proximal dendrites of the pyramidal cells and somatostatin-containing neurons which mainly synapse on the distal dendrites of the pyramidal neurons. By contrast, the composition of the Ce and Me nuclei resembles the striatum in that many of the neurons are similar to GABAergic medium spiny neurons.
Viswanadham, Kim, et al. combine somatic mutational and transcriptome analyses to trace the lineages of neuronal clones in the human cerebral cortex. They explore the differences between the visual and prefrontal cortex in clonal development, dispersion, and identities and dissect the lineages of late-rising cortical glutamatergic and GABAergic neurons.