Skip to content

Blog

Weekly Report: New Hacking Techniques and Critical CVEs 4 Aug – 11 Aug, 2025

The cybersecurity landscape during August 4-11, 2025, witnessed a surge in critical zero-day exploitations, sophisticated ransomware campaigns, and nation-state attacks targeting critical infrastructure. Four major zero-day vulnerabilities were actively exploited in the wild, with threat actors demonstrating unprecedented speed in weaponizing newly disclosed flaws. The week’s most significant incidents included active exploitation of Citrix NetScaler… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 4 Aug – 11 Aug, 2025

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 4 Aug – 11 Aug, 2025

The week of August 4-11, 2025 witnessed a significant escalation in cyber threat activity, marked by sophisticated supply chain attacks, zero-day exploitations, and critical infrastructure targeting. Key developments include massive data breaches affecting telecommunications providers, airlines, and financial institutions, alongside emergency government directives addressing critical vulnerabilities in Microsoft Exchange and SharePoint systems. Notable incidents include… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 4 Aug – 11 Aug, 2025

Weekly Report: New Hacking Techniques and Critical CVEs 28 July – 4 Aug , 2025

From 28 July to 4 August 2025, threat actors leveraged novel AI-assisted malware, zero-day chains against on-prem SharePoint, critical command-injection in CI/CD pipelines, and advanced social-engineering playbooks. Fourteen CVEs reached Critical severity, including two actively exploited zero-days. Dark-web chatter intensified around Medusa and BlackSuit takedown fallout, with ransomware affiliates trading victim data and custom tooling… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 28 July – 4 Aug , 2025

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 28 July – 4 Aug, 2025

During the week of 28 July – 4 August 2025, eight major cybersecurity incidents were disclosed across leading industry outlets. Adversaries leveraged zero-day exploits, social engineering, supply-chain compromises, misconfigurations, and phishing campaigns to exfiltrate sensitive data, deploy ransomware, and abuse infrastructure. Impacts ranged from private-message exposure to operational disruption of critical infrastructure. >>Outpace Attackers With… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 28 July – 4 Aug, 2025

CVE-2025-43712: JHipster Platform Privilege Escalation Vulnerability Discovered by FireCompass Research, Added to NIST

Product Name: JHipster Platform Vulnerability: Privilege Escalation via Response Manipulation Vulnerable Versions: Up to 8.9.0 CVE: CVE-2025-43712 Discovered by: Hritik Godara, FireCompass Research Team Researchers from the FireCompass Security Team discovered a privilege escalation vulnerability in the JHipster Platform (up to v8.9.0). The issue was identified in how the application processes authentication responses—specifically, improper server-side validation of user roles… Read More »CVE-2025-43712: JHipster Platform Privilege Escalation Vulnerability Discovered by FireCompass Research, Added to NIST

Use Cases
Technology
About
Partner
Resources

©2024 FireCompass, All Rights Reserved.