About the CyberDigest

Every fortnight, the Cybercrime Programme Office of the Council of Europe (C-PROC) releases a new edition of its CyberDigest, a newsletter that provides readers with a collection of press releases and news articles covering a wide range of topics related to the “aims, activities and achievements” of C-PROC.

 

CyberDigest themes

The 18 December 2025 issue featured nine articles whose contents covered four identifiable themes:

  1. Cybersecurity
  2. Cyber attacks
  3. Criminal justice
  4. Cybercrime

 

Cybersecurity

  1. The Portuguese newspaper Jornal de Notícias (“News Journal”) published an article about a study that researched the cyber preparedness of small and medium-sized enterprise (SMEs) in Portugal. The study identified the frequency of and most commonly-reported types of cyber attacks, which technologies were most commonly vulnerable to exploitation, and public views of cybersecurity and AI.
  2. An article published by BankInfoSecurity reported on a major vulnerability to the React software framework, which would let malicious hackers, cryptominers, and credential harvesters, among others, take advantage of the software. As explained by the Checkpoint blog, the security exploit was “rated critical because it can let a stranger run code on your server without needing to log in or do anything”. This exploit would let a malicious hacker do things such as intercept customer data, shut a service down, steal sensitive data, and more. Several updates have since been issued that have resolved the issue.

 

Cyber attacks

  1. CNN Portugal published a history of hacking and delved into the backgrounds of famous hackers from the last two centuries, and discussed how technologies and exploitation techniques have changed over the years and the common motivation informing the actions of hackers – namely demonstrating that all systems have flaws and are vulnerable to potential exploits.
  2. Internet security news agency Welivesecurity published a piece on the ten most significant cyber attacks of 2025, which ranged from data breaches and cybercriminal group hacks to chatbot exploits, ransomware attacks, and supply chain attacks. The article also addressed the common identifiable traits shared among all the examples listed and proposed actionable solutions that could be used to combat cyberattacks.

 

Criminal justice

  1. The Korean newspaper Chosun Daily reported that following the amendment of the Criminal Procedure Act, prosecutors will be able to request the preservation of electronic evidence (e.g., chat logs, records) from third-party information and communication service providers to improve the outcomes of criminal investigations. An initial 60 day preservation option will be available, with one additional 30 day extension allowed. As stated by the report, “the electronic evidence preservation request system will take effect six months after the amendment is promulgated”.
  2. Cybersecurity news site HackRead reported on recent legislative changes made in Portugal that would protect ethical hackers (also known as ‘white hats’) and security researchers from prosecution. As published in Decree-Law No. 125/2025, Article 8-A (‘Acts not punishable due to public interest in cybersecurity’) was added to the country’s cybercrime laws, and as stated by HackReads, “makes an exception for actions that previously could have been considered illegal”. The legislative changes also come with some caveats including specific conditions and reporting obligations that must be met.

 

Cybercrime

  1. A Substack article penned by a cybersecurity and intelligence analyst mapped the circulation of child sexual abuse material (CSAM) online and addressed technology issues like AI-generated content, the CSAM ecosystem (including the infrastructure and technology strategies used by its perpetrators), jurisdictional and legal issues and challenges, as well as the behaviour and tactics used by exploiters and abusers, and recommended several solutions.
  2. The Council of Europe reported on the CyberSEE’s fourth steering committee meeting, which brought together delegates from numerous parties to review 2025 outcomes, celebrate the success of Bosnia and Herzegovina signing the Second Additional Protocol and “the development of Serbia’s Cybercrime strategy”, and announce that further upcoming projects have been scheduled.
  3. A press release issued by Europol addressed the operational successes had by Europol’s Operational Taskforce (OTF) GRIMM in tackling violence-as-a-service-related acts, including the perpetrators, facilitators, and recruiters, who, through online exploitation, take advantage of young people to carry out acts of violence.

 

Key takeaways

The fortnightly CyberDigest provides readers with insights into the issues and matters that C-PROC considers important and promote its aims, and in the 18 December 2025 issue, reminds readers of the complex, global nature of cybersecurity and the steps they can take to protect their systems and prevent unwanted intrusions and breaches.

Nyman Gibson Miralis provides expert advice and representation in cases involving purported privacy breaches, including cases of alleged cybercrimes.

Contact us if you require assistance.