Skip to content

Continuous Vulnerability Management

Citrix NetScaler ADC and Gateway Vulnerability (CVE-2025-5777): Securing Remote Access Gateways

On July 10, 2025, CISA confirmed active exploitation of a critical vulnerability in Citrix NetScaler ADC and Gateway, identified as CVE-2025-5777. The flaw, dubbed Citrix Bleed 2, allows attackers to bypass authentication in configurations using Gateway or AAA virtual servers. Following confirmation, the vulnerability was added to the CISA Known Exploited Vulnerabilities (KEV) catalog, prompting… Read More »Citrix NetScaler ADC and Gateway Vulnerability (CVE-2025-5777): Securing Remote Access Gateways

Wing FTP Server Vulnerability (CVE-2025-47812)

On July 7, 2025, a critical vulnerability in Wing FTP Server was actively exploited in the wild. Identified as CVE-2025-47812 and carrying a maximum CVSS score of 10.0, the flaw allows unauthenticated attackers to execute arbitrary system commands through the product’s web interface. Security researcher Julien Ahrens discovered the issue, which originates from improper null… Read More »Wing FTP Server Vulnerability (CVE-2025-47812)

Ingram Micro Ransomware Attack: Strengthening Supply Chain Risk Assessment

On July 7, 2025, Ingram Micro, one of the world’s largest IT distribution companies, suffered a major ransomware attack, leading to global service disruptions. The company was forced to disconnect affected systems and halt operations temporarily to contain the breach. Services were restored by July 10, 2025, but the ripple effects impacted partners and customers across the supply chain.… Read More »Ingram Micro Ransomware Attack: Strengthening Supply Chain Risk Assessment

Weekly Report: New Hacking Techniques and Critical CVEs July 2-10, 2025

The week of July 2-10, 2025 witnessed significant escalation in cybersecurity threats with multiple critical incidents affecting major organizations globally. The period was marked by sophisticated ransomware attacks targeting critical infrastructure, critical zero-day vulnerabilities under active exploitation, and emergence of new APT campaigns targeting government entities. Key developments include the SafePay ransomware attack on global… Read More »Weekly Report: New Hacking Techniques and Critical CVEs July 2-10, 2025

What is Continuous Vulnerability Management (CVM)?

Table of Contents What is Continuous Vulnerability Management (CVM)? The Importance of Continuous Vulnerability Management Best Practices for Implementing CVM Developing a CVM Policy Continuous Monitoring and Assessment Integration with DevSecOps The Downsides of Traditional CVM Tools Alerts and False Positives Lack of Focus on Exploitables FireCompass: A Solution to CVM Challenges Reducing False Positives… Read More »What is Continuous Vulnerability Management (CVM)?

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.

CONSENT REQUIRED

Before you continue —
a quick consent notice

This website uses functional cookies and third-party services to operate. Before they can load, we need your consent through our Consent Management Platform, operated by CookieYes (cookieyes.com).

Data transmitted to cookieyes.com
  • Your browser's IP address — transmitted as part of the outbound HTTP request
  • Your browser's User-Agent string — transmitted as part of the outbound HTTP request
  • No other data is collected or transmitted at this stage

Functional cookies are required for this website to operate. If you decline, the site cannot be fully displayed. You are always welcome to return and accept at any time.

By clicking "Accept & Continue" you will be directed to the CookieYes consent manager where you can make granular choices.  |  Privacy Policy