Skip to content

AI in Cybersecurity

Weekly Report: New Hacking Techniques and Critical CVEs 4 Aug – 11 Aug, 2025

The cybersecurity landscape during August 4-11, 2025, witnessed a surge in critical zero-day exploitations, sophisticated ransomware campaigns, and nation-state attacks targeting critical infrastructure. Four major zero-day vulnerabilities were actively exploited in the wild, with threat actors demonstrating unprecedented speed in weaponizing newly disclosed flaws. The week’s most significant incidents included active exploitation of Citrix NetScaler… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 4 Aug – 11 Aug, 2025

Weekly Report: New Hacking Techniques and Critical CVEs 28 July – 4 Aug , 2025

From 28 July to 4 August 2025, threat actors leveraged novel AI-assisted malware, zero-day chains against on-prem SharePoint, critical command-injection in CI/CD pipelines, and advanced social-engineering playbooks. Fourteen CVEs reached Critical severity, including two actively exploited zero-days. Dark-web chatter intensified around Medusa and BlackSuit takedown fallout, with ransomware affiliates trading victim data and custom tooling… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 28 July – 4 Aug , 2025

CVE-2025-20281 (Cisco ISE)

Description:  Injection vulnerability in Cisco ISE API enabling unauthenticated RCE. Technical Details: CVSS Score: 10.0 (Critical) Exploit: Attackers submit crafted POST requests to /admin/XXX endpoints with malicious JSON payloads ({“command”:”exec”}), exploiting insufficient input validation to execute code with root privileges. Bobby Gould’s PoC showed unsafe deserialization in JSON inputs, enabling RCE from Chinese IPs (e.g.,… Read More »CVE-2025-20281 (Cisco ISE)

CoinDCX Cryptocurrency Exchange Breach

Overview: Indian crypto exchange CoinDCX was breached, with attackers stealing wallet credentials and transaction data, causing $1.2M in losses. Technical Details: Attack Vector: Exploited CVE-2025-20281 (Cisco ISE injection vulnerability, CVSS 10.0) in a third-party payment gateway’s API endpoint (/admin/XXX) integrated with CoinDCX. Exploitation: Attackers sent crafted POST requests (Content-Type: application/json) with malicious SQL payloads (‘… Read More »CoinDCX Cryptocurrency Exchange Breach

CVE-2025-2776 (SysAid On-Prem)

Description:  Vulnerability enabling administrator takeover via XML-based exploits. Technical Details: CVSS Score: 9.2 (Critical) Exploit: Attackers exploit weak XML validation to inject payloads that modify role_id fields (<user><role_id>admin</role_id></user>), escalating to admin privileges. The attack targets /api/v1/admin endpoints, chaining with CVE-2025-2775 for initial data access. Persistence is achieved via modified user accounts with SSH keys added… Read More »CVE-2025-2776 (SysAid On-Prem)

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.