Application Vulnerability Management

University of Pennsylvania Oracle E-Business Suite Breach

Date of Incident: August 2025

Overview: In August 2025, the University of Pennsylvania experienced a data breach targeting its Oracle E-Business Suite, attributed to the Clop ransomware group. Attackers exploited a zero-day vulnerability, compromising personal information of 1,488 individuals, with a potential for more. The breach utilized advanced tactics such as SQL injection and remote…

University of Phoenix Oracle E-Business Suite Data Breach

Date of Incident: 2025-11-21

Overview: The University of Phoenix experienced a data breach on November 21, 2025, which was reported on December 3, 2025. This breach affected the education sector, compromising sensitive personal and financial information of current and former students, employees, faculty, and suppliers. Attackers exploited vulnerabilities in the Oracle E-Business Suite, specifically through…

Cox Enterprises Oracle E-Business Suite Zero-Day Breach

Date of Incident: August 9-14, 2025

Overview: Cox Enterprises recently suffered a breach of its Oracle E-Business Suite, exploited by the Cl0p ransomware group through a zero-day vulnerability. Occurring between August 9-14, 2025, this attack exposed the personal data of 9,479 individuals. The Cl0p group utilized this vulnerability to inject ransomware, encrypting files and publishing…

CVE-2025-43712: JHipster Platform Privilege Escalation Vulnerability Discovered by FireCompass Research, Added to NIST

Product Name: JHipster Platform
Vulnerability: Privilege Escalation via Response Manipulation
Vulnerable Versions: Up to 8.9.0
CVE: CVE-2025-43712
Discovered by: Hritik Godara, FireCompass Research Team

Researchers from the FireCompass Security Team discovered a privilege escalation vulnerability in the JHipster Platform (up to v8.9.0). The issue was identified in how the application processes authentication responses—specifically, improper server-side validation of user roles…

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches July 14-21, 2025

The week of July 14-21, 2025, marked an unprecedented surge in critical cybersecurity incidents, characterized by multiple zero-day exploitations, state-sponsored campaigns, and a significant data breach affecting millions of individuals. The security landscape witnessed five critical-severity incidents, including active exploitation of Microsoft SharePoint servers, CrushFTP file transfer systems, and Citrix NetScaler appliances. Concurrently, Chinese APT…