Date of Incident: August to October 2023 Overview: The Supreme Court of the United States experienced a significant security breach in its electronic filing system between August and October 2023, disclosed in January 2026. Unauthorized access allowed the attacker to leak confidential details and victim names on Instagram. The breach leveraged techniques mapped to MITRE… Read More »Supreme Court Electronic Filing System Hack
Date of Incident: July 2-3, 2025 Overview: In July 2025, Ingram Micro experienced a ransomware attack, resulting in a data breach impacting over 42,000 individuals. The attackers deployed ransomware through phishing and exploited vulnerabilities in public-facing applications. Critical system files were encrypted, and documents containing personal information, such as Social Security numbers and government IDs,… Read More »Ingram Micro ransomware attack
The first full operational week of 2026 (January 7-12) shattered expectations with a cascade of maximum-severity vulnerabilities and mass-scale data exposures. The week was dominated by Cyera’s disclosure of CVE-2026-21858 (Ni8mare)-a CVSS 10.0 unauthenticated RCE in n8n workflow automation affecting ~100,000 instances globally-and the re-emergence of 17.5 million Instagram user records on dark web forums,… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 7 Jan – 12 Jan 2026
The final week of 2025 (December 26-31) featured NVD publication of multiple critical CVEs including root RCE in Xspeeder SXZOS (CVE-2025-54322) and high-severity deserialization flaws, alongside reports of MongoBleed memory leaks in MongoDB and sustained scans on legacy FortiOS/Adobe ColdFusion vulnerabilities. Dark web forums pushed unrestricted AI tools like DIG AI for malware generation and… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 26 Dec – 31 Dec 2025
The week of December 10-17, 2025 witnessed unprecedented velocity in critical vulnerability exploitation and nation-state targeting of global infrastructure. Five CVSS 10.0/9.8-rated vulnerabilities entered active exploitation phases within 72 hours of disclosure, impacting 644,000+ domains and requiring emergency government directives. Simultaneously, APT36 demonstrated Linux-specific espionage capabilities against Indian government infrastructure, ToddyCat expanded email harvesting operations,… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 10 Dec – 17 Dec 2025