Skip to content

Automated Penetration Testing

Weekly Report: New Hacking Techniques and Critical CVEs July 21-27, 2025

This week’s critical cybersecurity developments (July 21–27, 2025) encompass actively exploited zero-days, industrial control system vulnerabilities, and sophisticated ransomware and APT activity surfacing on underground forums. Microsoft SharePoint servers continue under siege via the “ToolShell” exploit chain (CVE-2025-49706, CVE-2025-49704), while Google Chrome’s V8 engine suffered an in-the-wild type-confusion zero-day (CVE-2025-6554). Multiple high-severity flaws in Honeywell’s… Read More »Weekly Report: New Hacking Techniques and Critical CVEs July 21-27, 2025

Weekly Report: New Hacking Techniques and Critical CVEs July 14-21, 2025

The week of July 14-21, 2025, witnessed an unprecedented escalation in cybersecurity threats with multiple critical zero-day vulnerabilities under active exploitation, sophisticated state-sponsored attacks, and a major international law enforcement operation against Russian cybercriminals. The period was characterized by maximum-severity vulnerabilities achieving immediate weaponization, advanced persistent threat campaigns deploying next-generation malware, and coordinated international cybercrime… Read More »Weekly Report: New Hacking Techniques and Critical CVEs July 14-21, 2025

HPE Networking Instant On Access Points Vulnerabilities (CVE-2025-37103, CVE-2025-37102): Hardening Network Infrastructure

Overview On July 18, 2025, HPE disclosed two vulnerabilities in its Networking Instant On Access APs: CVE-2025-37103 (CVSS 9.8, hard-coded credentials) and CVE-2025-37102 (CVSS 7.2, authenticated command injection). These flaws allow attackers to bypass authentication and execute arbitrary commands with elevated privileges. Explanation CVE-2025-37103 involves hard-coded credentials in HPE Instant On Access Points, enabling attackers… Read More »HPE Networking Instant On Access Points Vulnerabilities (CVE-2025-37103, CVE-2025-37102): Hardening Network Infrastructure

Weekly Report: New Hacking Techniques and Critical CVEs July 11-17, 2025

Cyber adversaries intensified efforts this week with two new exploited zero-days, multiple critical vulnerabilities, and fresh ransomware-as-a-service (RaaS) operations adopting AI-driven negotiation panels. The following pages provide an exhaustive, technically focused brief for CISOs and security engineering teams. Modern attack surface expansion and rapid exploit adoption defined the last seven days. Google patched and confirmed… Read More »Weekly Report: New Hacking Techniques and Critical CVEs July 11-17, 2025

Ingram Micro Ransomware Attack: Strengthening Supply Chain Risk Assessment

On July 7, 2025, Ingram Micro, one of the world’s largest IT distribution companies, suffered a major ransomware attack, leading to global service disruptions. The company was forced to disconnect affected systems and halt operations temporarily to contain the breach. Services were restored by July 10, 2025, but the ripple effects impacted partners and customers across the supply chain.… Read More »Ingram Micro Ransomware Attack: Strengthening Supply Chain Risk Assessment

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.