Date of Incident: July 2-3, 2025 Overview: In July 2025, Ingram Micro experienced a ransomware attack, resulting in a data breach impacting over 42,000 individuals. The attackers deployed ransomware through phishing and exploited vulnerabilities in public-facing applications. Critical system files were encrypted, and documents containing personal information, such as Social Security numbers and government IDs,… Read More »Ingram Micro ransomware attack
Date of Incident: 2025 Overview: In the Grubhub Data Breach of 2025, hackers from the ShinyHunters group accessed Grubhub’s systems, targeting older Salesforce and newer Zendesk data. The breach, discovered and reported in early 2026, left financial information and order history untouched. Attackers utilized MITRE ATT&CK techniques T1078 (Valid Accounts) and T1566 (Phishing) to infiltrate… Read More »Grubhub Data Breach 2025
Between January 7-12, 2026, four developments stand out for enterprise defenders: n8n CVE-2026-21858 (Ni8mare): A maximum-severity (CVSS 10.0) unauthenticated remote code execution vulnerability in n8n workflow automation platform, enabling complete infrastructure takeover through content-type confusion. The vulnerability was disclosed January 7, 2026, with proof-of-concept exploit publicly available; 26,500+ internet-exposed instances remain at risk. Trust Wallet… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 7 Jan – 12 Jan 2026
The first full operational week of 2026 (January 7-12) shattered expectations with a cascade of maximum-severity vulnerabilities and mass-scale data exposures. The week was dominated by Cyera’s disclosure of CVE-2026-21858 (Ni8mare)-a CVSS 10.0 unauthenticated RCE in n8n workflow automation affecting ~100,000 instances globally-and the re-emergence of 17.5 million Instagram user records on dark web forums,… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 7 Jan – 12 Jan 2026
The week of December 10-17, 2025 witnessed unprecedented velocity in critical vulnerability exploitation and nation-state targeting of global infrastructure. Five CVSS 10.0/9.8-rated vulnerabilities entered active exploitation phases within 72 hours of disclosure, impacting 644,000+ domains and requiring emergency government directives. Simultaneously, APT36 demonstrated Linux-specific espionage capabilities against Indian government infrastructure, ToddyCat expanded email harvesting operations,… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 10 Dec – 17 Dec 2025