Skip to content

Web Application Security Testing

Weekly Report: New Hacking Techniques and Critical CVEs 23 Sep – 29 Sep, 2025

The week of September 22-30, 2025 witnessed a critical escalation in cyber threats, highlighted by the active exploitation of two Cisco ASA firewall zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) by sophisticated state-sponsored actors. The U.S. Cybersecurity and Infrastructure Security Agency issued Emergency Directive ED 25-03, ordering federal agencies to immediately identify and mitigate potential compromises of… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 23 Sep – 29 Sep, 2025

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 23 Sep – 29 Sep, 2025

The final week of September 2025 saw critical cybersecurity incidents impacting global aviation, automotive, retail, and manufacturing sectors. Key events include a crippling ransomware attack on Collins Aerospace that disrupted European airports, a major data breach at Stellantis exposing 18 million customer records via a compromised Salesforce platform, and a system-wide outage at Japan’s Asahi… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 23 Sep – 29 Sep, 2025

Stellantis Salesforce Data Breach

Date of Incident: 2025-05 Overview: In May 2025, Stellantis experienced a data breach involving unauthorized access to a third-party Salesforce platform used for customer service operations in North America. Attackers stole over 18 million records containing customer contact information, including names and contact details. No financial or sensitive personal information was compromised. The breach was… Read More »Stellantis Salesforce Data Breach

CVE-2025-53770 (“ToolShell”): Critical SharePoint RCE Exploited in the Wild

A Critical Remote Code Execution (RCE) vulnerability—CVE-2025-53770 (“ToolShell”)— is actively being exploited in the wild, targeting the on-premises SharePoint Servers. In this blog, we break down the technical details, real-world attack flow, and actionable mitigations. What Is CVE-2025–53770? CVE-2025-53770 is a critical vulnerability with CVSS score of 9.8. It is an unauthenticated RCE vulnerability affecting… Read More »CVE-2025-53770 (“ToolShell”): Critical SharePoint RCE Exploited in the Wild

Weekly Report: New Hacking Techniques and Critical CVEs 09 Sep – 15 Sep, 2025

The final week of August was marked by an unprecedented intersection of SaaS, supply chain, and state infrastructure attacks. Standout incidents included the highly technical s1ngularity AI-assisted supply chain compromise of Nx, the widespread theft of Salesforce and Google data via the Salesloft Drift OAuth breach, and ransomware that brought Nevada’s government services to a… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 09 Sep – 15 Sep, 2025

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.