Skip to content

Zero-Day Exploits

Weekly Report: New Hacking Techniques and Critical CVEs 2 Dec – 10 Dec 2025

Between 2-10 December 2025, three developments stand out for enterprise defenders: Shai-Hulud 2.0 npm worm: A rapidly evolving supply chain threat abusing npm and GitHub Actions to build a self-propagating CI/CD worm, with active reporting and defensive guidance released during this week. The underlying campaign began in September but continued and evolved into December, especially… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 2 Dec – 10 Dec 2025

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 2 Dec – 10 Dec 2025

From December 2-10, 2025, disclosures around an Oracle E‑Business Suite campaign, a large third‑party fintech breach, and several sector‑specific data exposures highlighted how platform and vendor compromises are driving multi‑organization risk. University of Phoenix confirmed a significant Oracle EBS breach tied to CVE‑2025‑61882, Marquis Software’s ransomware breach impacted over 74 U.S. banks and credit unions,… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 2 Dec – 10 Dec 2025

University of Pennsylvania Oracle E-Business Suite Breach

Date of Incident: August 2025 Overview: In August 2025, the University of Pennsylvania experienced a data breach targeting its Oracle E-Business Suite, attributed to the Clop ransomware group. Attackers exploited a zero-day vulnerability, compromising personal information of 1,488 individuals, with a potential for more. The breach utilized advanced tactics such as SQL injection and remote… Read More »University of Pennsylvania Oracle E-Business Suite Breach

University of Phoenix Oracle E-Business Suite Data Breach

Date of Incident: 2025-11-21 Overview: The University of Phoenix experienced a data breach on November 21, 2025, which was reported on December 3, 2025. This breach affected the education sector, compromising sensitive personal and financial information of current and former students, employees, faculty, and suppliers. Attackers exploited vulnerabilities in the Oracle E-Business Suite, specifically through… Read More »University of Phoenix Oracle E-Business Suite Data Breach

Cox Enterprises Oracle E-Business Suite Zero-Day Breach

Date of Incident: August 9-14, 2025 Overview: Cox Enterprises recently suffered a breach of its Oracle E-Business Suite, exploited by the Cl0p ransomware group through a zero-day vulnerability. Occurring between August 9-14, 2025, this attack exposed the personal data of 9,479 individuals. The Cl0p group utilized this vulnerability to inject ransomware, encrypting files and publishing… Read More »Cox Enterprises Oracle E-Business Suite Zero-Day Breach

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.