Skip to content

CVEs

Weekly Report: New Hacking Techniques and Critical CVEs 10 Dec – 17 Dec 2025

The week of December 10-17, 2025 witnessed unprecedented velocity in critical vulnerability exploitation and nation-state targeting of global infrastructure. Five CVSS 10.0/9.8-rated vulnerabilities entered active exploitation phases within 72 hours of disclosure, impacting 644,000+ domains and requiring emergency government directives. Simultaneously, APT36 demonstrated Linux-specific espionage capabilities against Indian government infrastructure, ToddyCat expanded email harvesting operations,… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 10 Dec – 17 Dec 2025

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 2 Dec – 10 Dec 2025

From December 2-10, 2025, disclosures around an Oracle E‑Business Suite campaign, a large third‑party fintech breach, and several sector‑specific data exposures highlighted how platform and vendor compromises are driving multi‑organization risk. University of Phoenix confirmed a significant Oracle EBS breach tied to CVE‑2025‑61882, Marquis Software’s ransomware breach impacted over 74 U.S. banks and credit unions,… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 2 Dec – 10 Dec 2025

Weekly Report: New Hacking Techniques and Critical CVEs 14 Oct – 21 Oct 2025

The week witnessed significant nation-state activity, ransomware campaigns, and infrastructure breaches. F5 Networks disclosed a supply chain compromise exposing 600,000+ BIG-IP devices to zero-day exploitation. North Korean APT groups deployed blockchain-based malware through EtherHiding. Vocus telecommunications suffered SIM swap attacks affecting 1,600 customers. Japanese retailer Askul’s ransomware cascaded through Muji and Loft operations. Key Statistics:… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 14 Oct – 21 Oct 2025

Weekly Report: New Hacking Techniques and Critical CVEs 7 Oct – 13 Oct 2025

The week of October 7-13, 2025, witnessed an unprecedented escalation in cybersecurity threats, marked by the active exploitation of critical zero-day vulnerabilities and sophisticated ransomware campaigns targeting enterprise infrastructure. Seven major incidents dominated the threat landscape, with particular focus on Oracle E-Business Suite and Redis vulnerabilities being exploited by prominent threat actors including Cl0p ransomware… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 7 Oct – 13 Oct 2025

Clop Ransomware Gang Oracle E-Business Suite Data Breach

Date of Incident: August 2024 Overview: In August 2024, the Clop ransomware gang exploited a zero-day vulnerability in Oracle E-Business Suite to breach Harvard University’s systems in the education sector. The incident, affecting a limited number of parties within a small administrative unit, involved unauthorized remote code execution that allowed the attackers to encrypt files… Read More »Clop Ransomware Gang Oracle E-Business Suite Data Breach

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.