Skip to content

Ransomware

Weekly Report: New Hacking Techniques and Critical CVEs 26 Dec – 31 Dec 2025

The final week of 2025 (December 26-31) featured NVD publication of multiple critical CVEs including root RCE in Xspeeder SXZOS (CVE-2025-54322) and high-severity deserialization flaws, alongside reports of MongoBleed memory leaks in MongoDB and sustained scans on legacy FortiOS/Adobe ColdFusion vulnerabilities. Dark web forums pushed unrestricted AI tools like DIG AI for malware generation and… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 26 Dec – 31 Dec 2025

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 18 Dec – 25 Dec 2025

The holiday week of December 18–25, 2025, defied the traditional “quiet period,” characterized instead by high-impact disclosures and active exploitation of critical infrastructure. The week was dominated by Cisco’s confirmation of a zero-day (CVE-2025-20393) in its secure email gateways, actively exploited by China-nexus APTs. On the data breach front, major insurance provider Aflac disclosed a… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 18 Dec – 25 Dec 2025

Weekly Report: New Hacking Techniques and Critical CVEs 18 Dec – 25 Dec 2025

The week of December 18-25, 2025 saw sustained active exploitation of critical network appliance vulnerabilities including Cisco CVE-2025-20393 (CVSS 10.0) and Fortinet SSO bypass flaws. No major data breaches with confirmed incident dates strictly within this 7-day period were identified from prioritized sources. Emerging threats included Cellik Android RAT with Play Store integration capabilities and… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 18 Dec – 25 Dec 2025

Weekly Report: New Hacking Techniques and Critical CVEs 10 Dec – 17 Dec 2025

The week of December 10-17, 2025 witnessed unprecedented velocity in critical vulnerability exploitation and nation-state targeting of global infrastructure. Five CVSS 10.0/9.8-rated vulnerabilities entered active exploitation phases within 72 hours of disclosure, impacting 644,000+ domains and requiring emergency government directives. Simultaneously, APT36 demonstrated Linux-specific espionage capabilities against Indian government infrastructure, ToddyCat expanded email harvesting operations,… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 10 Dec – 17 Dec 2025

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 10 Dec – 17 Dec 2025

This week (December 10–17, 2025) has been defined by state-level vulnerability exploitation and critical infrastructure sieges. The most significant strategic development is the confirmation of a successful breach of the French Interior Ministry, driven not by a zero-day, but by fundamental hygiene failures—a stark reminder that nation-state targets are often compromised via the path of… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 10 Dec – 17 Dec 2025

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.