Skip to content

Third Party Risk Management

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 1 Jan – 6 Jan 2026

The first week of 2026 confirmed a clear trend: attackers are shifting from noisy infrastructure takeovers to trust abuse and perception manipulation. Instead of large, unambiguous “smash-and-grab” breaches, the week was shaped by: A high‑profile but non‑production NordVPN “breach” claim, weaponizing incomplete test data exposure and social perception. An escalation in Russia‑aligned UAC‑0184 espionage using… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 1 Jan – 6 Jan 2026

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 2 Dec – 10 Dec 2025

From December 2-10, 2025, disclosures around an Oracle E‑Business Suite campaign, a large third‑party fintech breach, and several sector‑specific data exposures highlighted how platform and vendor compromises are driving multi‑organization risk. University of Phoenix confirmed a significant Oracle EBS breach tied to CVE‑2025‑61882, Marquis Software’s ransomware breach impacted over 74 U.S. banks and credit unions,… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 2 Dec – 10 Dec 2025

Harvard University Alumni Affairs and Development Systems Data Breach

Date of Incident: November 18, 2025 Overview: The Harvard University Alumni Affairs and Development systems experienced a data breach on November 18, 2025, which exposed personal information of students, alumni, donors, staff, and faculty, including contact details and event records. While sensitive financial and security details remained secure, attackers gained unauthorized access using phishing techniques… Read More »Harvard University Alumni Affairs and Development Systems Data Breach

Iberia Customer Data Leak

Date of Incident: 2024-04 Overview: The Iberia Customer Data Leak, reported on November 23, 2025, involved unauthorized access to a third-party vendor’s system supporting Iberia in April 2024. This breach exposed customer names, email addresses, and loyalty card IDs but did not compromise login credentials, passwords, or payment card information. The attack leveraged vulnerabilities and… Read More »Iberia Customer Data Leak

GlobalLogic Oracle E-Business Suite Data Breach

Date of Incident: 2025-10-09 Overview: GlobalLogic experienced a significant data breach involving their Oracle E-Business Suite on October 9, 2025. This breach led to the theft of personal information from 10,471 current and former employees, including sensitive data like passport details and bank information. Attackers exploited vulnerabilities using SQL injection and network sniffing techniques to… Read More »GlobalLogic Oracle E-Business Suite Data Breach

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.