Skip to content

CVE

Weekly Report: New Hacking Techniques and Critical CVEs 22 Oct – 28 Oct, 2025

This week saw high-impact technical threats: WSUS servers actively exploited, LockBit ransomware’s upgraded return, dozens of new zero-days unveiled at Pwn2Own Ireland, advanced social engineering campaigns (ClickFix), and major underground coordination—each demanding proactive CISO action. >>Outpace Attackers With AI-Based Automated Penetration Testing New Hacking Techniques ClickFix Fullscreen Update Scam (Oct 27) Attackers deploy a convincing… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 22 Oct – 28 Oct, 2025

F5 BIG-IP Source Code and Vulnerabilities Breach

Date of Incident: August 9, 2025 Overview: In August 2025, F5 Networks experienced a breach by nation-state hackers who accessed and stole the source code, undisclosed vulnerabilities, and some customer configuration details of their BIG-IP products. Occurring on August 9 and reported on October 15, the attack involved advanced persistent threat actors utilizing specific MITRE… Read More »F5 BIG-IP Source Code and Vulnerabilities Breach

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 23 Sep – 29 Sep, 2025

The final week of September 2025 saw critical cybersecurity incidents impacting global aviation, automotive, retail, and manufacturing sectors. Key events include a crippling ransomware attack on Collins Aerospace that disrupted European airports, a major data breach at Stellantis exposing 18 million customer records via a compromised Salesforce platform, and a system-wide outage at Japan’s Asahi… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 23 Sep – 29 Sep, 2025

CVE-2025-54253: Pre-Auth RCE – Adobe AEM Forms on JEE Critical OGNL Injection

A critical vulnerability, CVE-2025-54253, was discovered in Adobe Experience Manager (AEM) Forms on JEE, a widely used enterprise Java application platform. This vulnerability arises from improper handling of OGNL expressions in an exposed debug servlet, allowing attackers to bypass authentication and remotely execute arbitrary code. With a maximum severity rating of CVSS 10.0, this vulnerability… Read More »CVE-2025-54253: Pre-Auth RCE – Adobe AEM Forms on JEE Critical OGNL Injection

SonicWall Firewall Configuration Backup Breach

Date of Incident: September 2025 Overview: In September 2025, SonicWall experienced a security incident affecting less than 5% of its firewall install base. The breach involved unauthorized access to firewall configuration backup files via brute-force attacks on the company’s cloud API service. Attackers potentially gained access to sensitive information such as credentials and tokens. While… Read More »SonicWall Firewall Configuration Backup Breach

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.