Skip to content

Supply Chain Security

Weekly Report: New Hacking Techniques and Critical CVEs 2 Dec – 10 Dec 2025

Between 2-10 December 2025, three developments stand out for enterprise defenders: Shai-Hulud 2.0 npm worm: A rapidly evolving supply chain threat abusing npm and GitHub Actions to build a self-propagating CI/CD worm, with active reporting and defensive guidance released during this week. The underlying campaign began in September but continued and evolved into December, especially… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 2 Dec – 10 Dec 2025

Weekly Report: New Hacking Techniques and Critical CVEs 03 Sep – 09 Sep, 2025

The cybersecurity landscape during September 3-9, 2025, was dominated by several critical developments that demand immediate attention from security leaders. Most notably, a massive npm supply chain attack compromised over 18 widely-used JavaScript packages with billions of weekly downloads, while two actively exploited Android zero-day vulnerabilities (CVE-2025-38352 and CVE-2025-48543) underscored the persistent threat of mobile… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 03 Sep – 09 Sep, 2025

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.