Skip to content

Enterprise Digital Footprint

Weekly Report: New Hacking Techniques and Critical CVEs 20 Jan – 26 Jan 2026

Three actively exploited zero-days, two CVSS 10.0 flaws, and critical supply chain compromises. Threat activity spans infrastructure (Cisco, Microsoft, Fortinet), AI/DevOps platforms (n8n, Chainlit, Zoom), and legacy systems. Dominant pattern: improper input validation enabling unauthenticated infrastructure takeover. Key Metrics: 3 zero-days exploited | 2 CVSS 10.0 flaws | 509 GB (ASRock Rack) + 861 GB… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 20 Jan – 26 Jan 2026

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 20 Jan – 26 Jan 2026

This week witnessed a confluence of critical cyber incidents spanning ransomware extortion, zero-day vulnerabilities, and state-sponsored APT campaigns targeting critical infrastructure and Fortune 500 companies. Notable incidents include Nike’s 1.4TB WorldLeaks data leak exposing R&D and manufacturing data, McDonald’s India’s 861GB Everest ransomware exfiltration affecting millions of customer records, Fortinet’s CVE-2026-24858 critical zero-day enabling unauthorized… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 20 Jan – 26 Jan 2026

Nike Data Breach by World Leaks Ransomware Gang

Date of Incident: January 2025 Overview: In January 2025, Nike fell victim to a cyberattack by the World Leaks ransomware gang, which exploited vulnerabilities in Nike’s corporate network. The breach resulted in the leak of nearly 190,000 files, revealing sensitive corporate data that could potentially compromise consumer privacy and business operations. The attackers used sophisticated… Read More »Nike Data Breach by World Leaks Ransomware Gang

SoundCloud Data Breach

Date of Incident: December 15, 2025 Overview: In December 2025, SoundCloud experienced a data breach that compromised the personal and contact information of over 29.8 million user accounts. The breach, reported in January 2026, involved unauthorized access through weak API authentication and possibly compromised employee credentials. Attackers targeted the Broadcasting, Media & Internet sector, specifically… Read More »SoundCloud Data Breach

PcComponentes Credential Stuffing Attack

Date of Incident: 2024-04 Overview: In a credential stuffing attack reported in January 2026 but occurring in April 2024, PcComponentes, a retail company, experienced a breach resulting in the exposure of order details, physical addresses, full names, phone numbers, IP addresses, product wishlists, and customer support messages for a small number of accounts. Attackers used… Read More »PcComponentes Credential Stuffing Attack

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.