Skip to content

CVEs

Weekly Report: New Hacking Techniques and Critical CVEs 3 Feb- 9 Feb 2026

The week of February 3–9, 2026 saw threat actors increasingly abusing trusted platforms-cloud workloads, Linux‑on‑Windows via WSL, and enterprise‑grade ITSM appliances-to execute stealthy, AI‑accelerated operations. This report highlights four critical CVEs, two new offensive techniques, one national‑level breach, and key darkweb chatter that directly impact modern attack‑surface planning. >>Outpace Attackers With AI-Based Automated Penetration Testing… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 3 Feb- 9 Feb 2026

Weekly Report: New Hacking Techniques and Critical CVEs 13 Jan- 19 Jan 2026

Three actively exploited zero-days, two CVSS 10.0 flaws, and critical supply chain compromises. Threat activity spans infrastructure (Cisco, Microsoft, Fortinet), AI/DevOps platforms (n8n, Chainlit, Zoom), and legacy systems. Dominant pattern: improper input validation enabling unauthenticated infrastructure takeover. Key Metrics: 3 zero-days exploited | 2 CVSS 10.0 flaws | 509 GB (ASRock Rack) + 861 GB… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 13 Jan- 19 Jan 2026

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 7 Jan – 12 Jan 2026

The first full operational week of 2026 (January 7-12) shattered expectations with a cascade of maximum-severity vulnerabilities and mass-scale data exposures. The week was dominated by Cyera’s disclosure of CVE-2026-21858 (Ni8mare)-a CVSS 10.0 unauthenticated RCE in n8n workflow automation affecting ~100,000 instances globally-and the re-emergence of 17.5 million Instagram user records on dark web forums,… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 7 Jan – 12 Jan 2026

Weekly Report: New Hacking Techniques and Critical CVEs 26 Dec – 31 Dec 2025

The final week of 2025 (December 26-31) featured NVD publication of multiple critical CVEs including root RCE in Xspeeder SXZOS (CVE-2025-54322) and high-severity deserialization flaws, alongside reports of MongoBleed memory leaks in MongoDB and sustained scans on legacy FortiOS/Adobe ColdFusion vulnerabilities. Dark web forums pushed unrestricted AI tools like DIG AI for malware generation and… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 26 Dec – 31 Dec 2025

Weekly Report: New Hacking Techniques and Critical CVEs 18 Dec – 25 Dec 2025

The week of December 18-25, 2025 saw sustained active exploitation of critical network appliance vulnerabilities including Cisco CVE-2025-20393 (CVSS 10.0) and Fortinet SSO bypass flaws. No major data breaches with confirmed incident dates strictly within this 7-day period were identified from prioritized sources. Emerging threats included Cellik Android RAT with Play Store integration capabilities and… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 18 Dec – 25 Dec 2025

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.