Skip to content

Web Application

Weekly Report: New Hacking Techniques and Critical CVEs July 11-17, 2025

Cyber adversaries intensified efforts this week with two new exploited zero-days, multiple critical vulnerabilities, and fresh ransomware-as-a-service (RaaS) operations adopting AI-driven negotiation panels. The following pages provide an exhaustive, technically focused brief for CISOs and security engineering teams. Modern attack surface expansion and rapid exploit adoption defined the last seven days. Google patched and confirmed… Read More »Weekly Report: New Hacking Techniques and Critical CVEs July 11-17, 2025

Weekly Report: New Hacking Techniques and Critical CVEs July 2-10, 2025

The week of July 2-10, 2025 witnessed significant escalation in cybersecurity threats with multiple critical incidents affecting major organizations globally. The period was marked by sophisticated ransomware attacks targeting critical infrastructure, critical zero-day vulnerabilities under active exploitation, and emergence of new APT campaigns targeting government entities. Key developments include the SafePay ransomware attack on global… Read More »Weekly Report: New Hacking Techniques and Critical CVEs July 2-10, 2025

Zero Auth, Full Control: Inside the Critical vBulletin CVE-2025-48827

Zero-day vulnerabilities are a serious threat to organizations all over the world in the consistently elevating field of cybersecurity. Recently, a critical vulnerability known as CVE-2025-48827 surfaced, leaving systems vulnerable to privilege escalation alongside remote code execution (RCE) attacks. This blog post provides an in-depth analysis of the vulnerability, a step-by-step exploitation guide, and actionable… Read More »Zero Auth, Full Control: Inside the Critical vBulletin CVE-2025-48827

Understanding CVE-2025-34028, Commvault’s Critical Pre-Auth RCE Vulnerability

In April 2025, a critical pre-auth Remote Code Execution vulnerability, CVE-2025-34028, was discovered in Commvault Command Center. This vulnerability allows attackers to achieve remote code execution without authentication by exploiting an Server-Side Request forgery (SSRF) and a path traversal issue that enables uploading and executing malicious ZIP files. With a CVSS score of 10.0, this… Read More »Understanding CVE-2025-34028, Commvault’s Critical Pre-Auth RCE Vulnerability

Uncovering Hidden Secrets Within JavaScript Files

Uncovering Hidden Secrets Within JavaScript Files JavaScript is one of the most popular programming languages, and modern web applications heavily rely on this framework. Starting from API calls, many critical functionalities are built on the client side nowadays. Through this blog, I will demonstrate how to automate your task to find unique vulnerabilities in JavaScript… Read More »Uncovering Hidden Secrets Within JavaScript Files

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.