Skip to content

Privilege Escalation

European Commission Mobile Device Management Breach

Date of Incident: 2026-01-30 Overview: The European Commission experienced a security breach in their Mobile Device Management (MDM) system on January 30, 2026, which was reported on February 9, 2026. The breach affected staff members’ personal information, including names and phone numbers, but did not compromise the mobile devices themselves. Attackers leveraged MITRE ATT&CK techniques… Read More »European Commission Mobile Device Management Breach

Weekly Report: New Hacking Techniques and Critical CVEs 2 Dec – 10 Dec 2025

Between 2-10 December 2025, three developments stand out for enterprise defenders: Shai-Hulud 2.0 npm worm: A rapidly evolving supply chain threat abusing npm and GitHub Actions to build a self-propagating CI/CD worm, with active reporting and defensive guidance released during this week. The underlying campaign began in September but continued and evolved into December, especially… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 2 Dec – 10 Dec 2025

Allianz Life July 2025 Data Breach

Date of Incident: July 16, 2025 Overview: In July 2025, Allianz Life experienced a data breach affecting nearly 1.5 million individuals, involving unauthorized access via a spear-phishing campaign that targeted employee credentials. The breach exposed sensitive data, including names, addresses, dates of birth, and social security numbers. Attackers used compromised credentials to escalate privileges and… Read More »Allianz Life July 2025 Data Breach

Insight Partners Ransomware Breach

Date of Incident: October 25, 2024 to January 16, 2025 Overview: The Insight Partners ransomware breach, reported on September 17, 2025, occurred between October 25, 2024, and January 16, 2025. It affected 12,657 individuals and compromised sensitive data, including banking, tax, personal information of past and current employees, and details related to limited partners and… Read More »Insight Partners Ransomware Breach

Weekly Report: New Hacking Techniques and Critical CVEs 09 Sep – 15 Sep, 2025

The final week of August was marked by an unprecedented intersection of SaaS, supply chain, and state infrastructure attacks. Standout incidents included the highly technical s1ngularity AI-assisted supply chain compromise of Nx, the widespread theft of Salesforce and Google data via the Salesloft Drift OAuth breach, and ransomware that brought Nevada’s government services to a… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 09 Sep – 15 Sep, 2025

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.