Date of Incident: April 2024 Overview: The Red Hat data breach, reported in October 2025, occurred in April 2024 and involved unauthorized access to around 570GB of compressed data from 28,000 internal development repositories. The breach affected the software sector, compromising sensitive Customer Engagement Reports (CERs) that contained critical information about networks and infrastructure of… Read More »Red Hat Data Breach
The week of September 22-30, 2025 witnessed a critical escalation in cyber threats, highlighted by the active exploitation of two Cisco ASA firewall zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) by sophisticated state-sponsored actors. The U.S. Cybersecurity and Infrastructure Security Agency issued Emergency Directive ED 25-03, ordering federal agencies to immediately identify and mitigate potential compromises of… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 23 Sep – 29 Sep, 2025
The final week of August was marked by an unprecedented intersection of SaaS, supply chain, and state infrastructure attacks. Standout incidents included the highly technical s1ngularity AI-assisted supply chain compromise of Nx, the widespread theft of Salesforce and Google data via the Salesloft Drift OAuth breach, and ransomware that brought Nevada’s government services to a… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 09 Sep – 15 Sep, 2025
The cybersecurity landscape during September 3-9, 2025, was dominated by several critical developments that demand immediate attention from security leaders. Most notably, a massive npm supply chain attack compromised over 18 widely-used JavaScript packages with billions of weekly downloads, while two actively exploited Android zero-day vulnerabilities (CVE-2025-38352 and CVE-2025-48543) underscored the persistent threat of mobile… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 03 Sep – 09 Sep, 2025