Date of Incident: January 2025 Overview: In January 2025, Nike fell victim to a cyberattack by the World Leaks ransomware gang, which exploited vulnerabilities in Nike’s corporate network. The breach resulted in the leak of nearly 190,000 files, revealing sensitive corporate data that could potentially compromise consumer privacy and business operations. The attackers used sophisticated… Read More »Nike Data Breach by World Leaks Ransomware Gang
Date of Incident: July 2-3, 2025 Overview: In July 2025, Ingram Micro experienced a ransomware attack, resulting in a data breach impacting over 42,000 individuals. The attackers deployed ransomware through phishing and exploited vulnerabilities in public-facing applications. Critical system files were encrypted, and documents containing personal information, such as Social Security numbers and government IDs,… Read More »Ingram Micro ransomware attack
Between January 7-12, 2026, four developments stand out for enterprise defenders: n8n CVE-2026-21858 (Ni8mare): A maximum-severity (CVSS 10.0) unauthenticated remote code execution vulnerability in n8n workflow automation platform, enabling complete infrastructure takeover through content-type confusion. The vulnerability was disclosed January 7, 2026, with proof-of-concept exploit publicly available; 26,500+ internet-exposed instances remain at risk. Trust Wallet… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 7 Jan – 12 Jan 2026
The final week of 2025 (December 26-31) featured NVD publication of multiple critical CVEs including root RCE in Xspeeder SXZOS (CVE-2025-54322) and high-severity deserialization flaws, alongside reports of MongoBleed memory leaks in MongoDB and sustained scans on legacy FortiOS/Adobe ColdFusion vulnerabilities. Dark web forums pushed unrestricted AI tools like DIG AI for malware generation and… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 26 Dec – 31 Dec 2025
The holiday week of December 18–25, 2025, defied the traditional “quiet period,” characterized instead by high-impact disclosures and active exploitation of critical infrastructure. The week was dominated by Cisco’s confirmation of a zero-day (CVE-2025-20393) in its secure email gateways, actively exploited by China-nexus APTs. On the data breach front, major insurance provider Aflac disclosed a… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 18 Dec – 25 Dec 2025