Skip to content

Vulnerability Management Platform

Weekly Report: New Hacking Techniques and Critical CVEs 27 Jan- 2 Feb 2026

This week witnessed a critical surge in zero-day exploitation, mass-scale data breaches, and advanced persistence techniques targeting enterprise infrastructure across multiple verticals. Five confirmed critical vulnerabilities entered active exploitation phase, with 13 KEV (Known Exploited Vulnerability) additions recorded by CISA. The threat landscape reflects a strategic shift from encryption-based ransomware toward data exfiltration and extortion… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 27 Jan- 2 Feb 2026

NationStates data breach

Date of Incident: January 27, 2026 Overview: The NationStates data breach, reported on February 2, 2026, involved an unauthorized remote code execution on the company’s production server on January 27, 2026. Attackers accessed and copied user data, including email addresses, MD5 hashed passwords, IP addresses, UserAgent strings, and potential private messages. The website was taken… Read More »NationStates data breach

Weekly Report: New Hacking Techniques and Critical CVEs 13 Jan- 19 Jan 2026

Three actively exploited zero-days, two CVSS 10.0 flaws, and critical supply chain compromises. Threat activity spans infrastructure (Cisco, Microsoft, Fortinet), AI/DevOps platforms (n8n, Chainlit, Zoom), and legacy systems. Dominant pattern: improper input validation enabling unauthenticated infrastructure takeover. Key Metrics: 3 zero-days exploited | 2 CVSS 10.0 flaws | 509 GB (ASRock Rack) + 861 GB… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 13 Jan- 19 Jan 2026

Ingram Micro ransomware attack

Date of Incident: July 2-3, 2025 Overview: In July 2025, Ingram Micro experienced a ransomware attack, resulting in a data breach impacting over 42,000 individuals. The attackers deployed ransomware through phishing and exploited vulnerabilities in public-facing applications. Critical system files were encrypted, and documents containing personal information, such as Social Security numbers and government IDs,… Read More »Ingram Micro ransomware attack

Grubhub Data Breach 2025

Date of Incident: 2025 Overview: In the Grubhub Data Breach of 2025, hackers from the ShinyHunters group accessed Grubhub’s systems, targeting older Salesforce and newer Zendesk data. The breach, discovered and reported in early 2026, left financial information and order history untouched. Attackers utilized MITRE ATT&CK techniques T1078 (Valid Accounts) and T1566 (Phishing) to infiltrate… Read More »Grubhub Data Breach 2025

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.