Threat Hunting

University of Pennsylvania Data Breach

Date of Incident: 2023-10-30

Overview: The University of Pennsylvania experienced a significant data breach reported on November 2, 2025, affecting the education sector. The incident, which occurred on October 30, 2023, exposed sensitive information of 1.2 million donors, including personal and demographic details, and resulted in offensive emails being sent to 700,000 recipients. Attackers gained…

Weekly Report: New Hacking Techniques and Critical CVEs 22 Oct – 28 Oct, 2025

This week saw high-impact technical threats: WSUS servers actively exploited, LockBit ransomware’s upgraded return, dozens of new zero-days unveiled at Pwn2Own Ireland, advanced social engineering campaigns (ClickFix), and major underground coordination, each demanding proactive CISO action.

New Hacking Techniques

ClickFix Fullscreen Update Scam (Oct 27)

Attackers deploy a convincing…

Weekly Report: New Hacking Techniques and Critical CVEs 14 Oct – 21 Oct 2025

The week witnessed significant nation-state activity, ransomware campaigns, and infrastructure breaches. F5 Networks disclosed a supply chain compromise exposing 600,000+ BIG-IP devices to zero-day exploitation. North Korean APT groups deployed blockchain-based malware through EtherHiding. Vocus telecommunications suffered SIM swap attacks affecting 1,600 customers. Japanese retailer Askul’s ransomware cascaded through Muji and Loft operations.

Key Statistics:…

Clop Ransomware Gang Oracle E-Business Suite Data Breach

Date of Incident: August 2024

Overview: In August 2024, the Clop ransomware gang exploited a zero-day vulnerability in Oracle E-Business Suite to breach Harvard University’s systems in the education sector. The incident, affecting a limited number of parties within a small administrative unit, involved unauthorized remote code execution that allowed the attackers to encrypt files…

ShinyHunters Salesforce Data Leak

Date of Incident: 2025-10-01

Overview: The ShinyHunters Salesforce Data Leak, reported on October 3, 2025, involves unauthorized access to Salesforce cloud instances due to exploited API vulnerabilities and possibly misconfigured permissions. Approximately 1 billion records from 39 companies were potentially impacted, with personal information stolen and samples leaked alongside ransom demands. The breach demonstrated automated…