Skip to content

breach_cve_trends

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 23 Sep – 29 Sep, 2025

The final week of September 2025 saw critical cybersecurity incidents impacting global aviation, automotive, retail, and manufacturing sectors. Key events include a crippling ransomware attack on Collins Aerospace that disrupted European airports, a major data breach at Stellantis exposing 18 million customer records via a compromised Salesforce platform, and a system-wide outage at Japan’s Asahi… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 23 Sep – 29 Sep, 2025

Harrods third-party supplier breach

Date of Incident: 2024 Overview: In 2024, Harrods experienced a data breach due to a third-party supplier vulnerability, affecting 430,000 customer records with names, contact details, and marketing information exposed. The breach, which became public in September 2025, did not compromise passwords, payment details, or order histories. Attackers used exploitation techniques like SQL Injection to… Read More »Harrods third-party supplier breach

Stellantis Salesforce Data Breach

Date of Incident: 2025-05 Overview: In May 2025, Stellantis experienced a data breach involving unauthorized access to a third-party Salesforce platform used for customer service operations in North America. Attackers stole over 18 million records containing customer contact information, including names and contact details. No financial or sensitive personal information was compromised. The breach was… Read More »Stellantis Salesforce Data Breach

CVE-2025-53770 (“ToolShell”): Critical SharePoint RCE Exploited in the Wild

A Critical Remote Code Execution (RCE) vulnerability—CVE-2025-53770 (“ToolShell”)— is actively being exploited in the wild, targeting the on-premises SharePoint Servers. In this blog, we break down the technical details, real-world attack flow, and actionable mitigations. What Is CVE-2025–53770? CVE-2025-53770 is a critical vulnerability with CVSS score of 9.8. It is an unauthenticated RCE vulnerability affecting… Read More »CVE-2025-53770 (“ToolShell”): Critical SharePoint RCE Exploited in the Wild

CVE-2025-54253: Pre-Auth RCE – Adobe AEM Forms on JEE Critical OGNL Injection

A critical vulnerability, CVE-2025-54253, was discovered in Adobe Experience Manager (AEM) Forms on JEE, a widely used enterprise Java application platform. This vulnerability arises from improper handling of OGNL expressions in an exposed debug servlet, allowing attackers to bypass authentication and remotely execute arbitrary code. With a maximum severity rating of CVSS 10.0, this vulnerability… Read More »CVE-2025-54253: Pre-Auth RCE – Adobe AEM Forms on JEE Critical OGNL Injection

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.