Skip to content

Supply Chain Security

Weekly Report: New Hacking Techniques and Critical CVEs 13 Jan- 19 Jan 2026

Three actively exploited zero-days, two CVSS 10.0 flaws, and critical supply chain compromises. Threat activity spans infrastructure (Cisco, Microsoft, Fortinet), AI/DevOps platforms (n8n, Chainlit, Zoom), and legacy systems. Dominant pattern: improper input validation enabling unauthenticated infrastructure takeover. Key Metrics: 3 zero-days exploited | 2 CVSS 10.0 flaws | 509 GB (ASRock Rack) + 861 GB… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 13 Jan- 19 Jan 2026

Ingram Micro ransomware attack

Date of Incident: July 2-3, 2025 Overview: In July 2025, Ingram Micro experienced a ransomware attack, resulting in a data breach impacting over 42,000 individuals. The attackers deployed ransomware through phishing and exploited vulnerabilities in public-facing applications. Critical system files were encrypted, and documents containing personal information, such as Social Security numbers and government IDs,… Read More »Ingram Micro ransomware attack

Weekly Report: New Hacking Techniques and Critical CVEs 7 Jan – 12 Jan 2026

Between January 7-12, 2026, four developments stand out for enterprise defenders: n8n CVE-2026-21858 (Ni8mare): A maximum-severity (CVSS 10.0) unauthenticated remote code execution vulnerability in n8n workflow automation platform, enabling complete infrastructure takeover through content-type confusion. The vulnerability was disclosed January 7, 2026, with proof-of-concept exploit publicly available; 26,500+ internet-exposed instances remain at risk. Trust Wallet… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 7 Jan – 12 Jan 2026

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 1 Jan – 6 Jan 2026

The first week of 2026 confirmed a clear trend: attackers are shifting from noisy infrastructure takeovers to trust abuse and perception manipulation. Instead of large, unambiguous “smash-and-grab” breaches, the week was shaped by: A high‑profile but non‑production NordVPN “breach” claim, weaponizing incomplete test data exposure and social perception. An escalation in Russia‑aligned UAC‑0184 espionage using… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 1 Jan – 6 Jan 2026

Weekly Report: New Hacking Techniques and Critical CVEs 10 Dec – 17 Dec 2025

The week of December 10-17, 2025 witnessed unprecedented velocity in critical vulnerability exploitation and nation-state targeting of global infrastructure. Five CVSS 10.0/9.8-rated vulnerabilities entered active exploitation phases within 72 hours of disclosure, impacting 644,000+ domains and requiring emergency government directives. Simultaneously, APT36 demonstrated Linux-specific espionage capabilities against Indian government infrastructure, ToddyCat expanded email harvesting operations,… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 10 Dec – 17 Dec 2025

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.