During the week of RSA Conference in San Francisco, we hosted a special yacht gathering—marking a recent milestone for FireCompass in a simple and meaningful way. As we sailed past the iconic Golden Gate Bridge, circled Alcatraz Island, and watched the city transition from day to night, the setting created the perfect backdrop for an… Read More »FireCompass Celebrates a $20M Milestone During RSA Conference Week
For the last few years, autonomous penetration testing has been defined by proof of possibility that machines can plan and execute attacks without human operators. That question has been answered. The real question today is far more important: Can autonomous penetration testing operate credibly inside real enterprise environments continuously, safely, and at scale? At FireCompass,… Read More »Autonomous Penetration Testing Is Growing Up
Date of Incident: August 9-14, 2025 Overview: Cox Enterprises recently suffered a breach of its Oracle E-Business Suite, exploited by the Cl0p ransomware group through a zero-day vulnerability. Occurring between August 9-14, 2025, this attack exposed the personal data of 9,479 individuals. The Cl0p group utilized this vulnerability to inject ransomware, encrypting files and publishing… Read More »Cox Enterprises Oracle E-Business Suite Zero-Day Breach
In another blow to consumer data privacy, European retail giant Auchan has confirmed a data breach that impacted several hundred thousand of its customers. The breach specifically targeted customer loyalty accounts and resulted in the unauthorized exposure of sensitive personal information. >>Outpace Attackers With AI-Based Automated Penetration Testing What Was Exposed? Auchan’s loyalty program, a… Read More »Auchan Data Breach: Loyalty Program Compromise Exposes Customer Information
From 28 July to 4 August 2025, threat actors leveraged novel AI-assisted malware, zero-day chains against on-prem SharePoint, critical command-injection in CI/CD pipelines, and advanced social-engineering playbooks. Fourteen CVEs reached Critical severity, including two actively exploited zero-days. Dark-web chatter intensified around Medusa and BlackSuit takedown fallout, with ransomware affiliates trading victim data and custom tooling… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 28 July – 4 Aug , 2025