Date of Incident: December 15, 2025 Overview: In December 2025, SoundCloud experienced a data breach that compromised the personal and contact information of over 29.8 million user accounts. The breach, reported in January 2026, involved unauthorized access through weak API authentication and possibly compromised employee credentials. Attackers targeted the Broadcasting, Media & Internet sector, specifically… Read More »SoundCloud Data Breach
Three actively exploited zero-days, two CVSS 10.0 flaws, and critical supply chain compromises. Threat activity spans infrastructure (Cisco, Microsoft, Fortinet), AI/DevOps platforms (n8n, Chainlit, Zoom), and legacy systems. Dominant pattern: improper input validation enabling unauthenticated infrastructure takeover. Key Metrics: 3 zero-days exploited | 2 CVSS 10.0 flaws | 509 GB (ASRock Rack) + 861 GB… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 13 Jan- 19 Jan 2026
The week of January 13-19, 2026, saw 5 critical incidents impacting enterprise infrastructure. Key threats: zero-day RCE exploitation, patch bypass attacks, AI vulnerabilities, and sophisticated malware campaigns. Critical Trends: Zero-day exploitation in production (Cisco CVE-2026-20045) Patch bypass in 48 hours (SmarterMail) AI-native vulnerabilities (Google Gemini) Ransomware backdoor adoption (PDFSIDER) Voice-based phishing with real-time MFA bypass… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 13 Jan – 19 Jan 2026
Date of Incident: 2024-04 Overview: In a credential stuffing attack reported in January 2026 but occurring in April 2024, PcComponentes, a retail company, experienced a breach resulting in the exposure of order details, physical addresses, full names, phone numbers, IP addresses, product wishlists, and customer support messages for a small number of accounts. Attackers used… Read More »PcComponentes Credential Stuffing Attack
Date of Incident: August to October 2023 Overview: The Supreme Court of the United States experienced a significant security breach in its electronic filing system between August and October 2023, disclosed in January 2026. Unauthorized access allowed the attacker to leak confidential details and victim names on Instagram. The breach leveraged techniques mapped to MITRE… Read More »Supreme Court Electronic Filing System Hack