Skip to content

Blog

Weekly Report: New Hacking Techniques and Critical CVEs July 21-27, 2025

This week’s critical cybersecurity developments (July 21–27, 2025) encompass actively exploited zero-days, industrial control system vulnerabilities, and sophisticated ransomware and APT activity surfacing on underground forums. Microsoft SharePoint servers continue under siege via the “ToolShell” exploit chain (CVE-2025-49706, CVE-2025-49704), while Google Chrome’s V8 engine suffered an in-the-wild type-confusion zero-day (CVE-2025-6554). Multiple high-severity flaws in Honeywell’s… Read More »Weekly Report: New Hacking Techniques and Critical CVEs July 21-27, 2025

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches July 21-27, 2025

The cybersecurity landscape during July 21-27, 2025, was dominated by widespread exploitation of Microsoft SharePoint vulnerabilities collectively known as “ToolShell,” targeting critical infrastructure worldwide. Chinese state-sponsored actors initiated sophisticated campaigns affecting over 400 organizations, including U.S. nuclear agencies. Simultaneously, ransomware operations intensified with new variants like BQTLOCK and Interlock, while threat actors deployed advanced techniques… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches July 21-27, 2025

Weekly Report: New Hacking Techniques and Critical CVEs July 14-21, 2025

The week of July 14-21, 2025, witnessed an unprecedented escalation in cybersecurity threats with multiple critical zero-day vulnerabilities under active exploitation, sophisticated state-sponsored attacks, and a major international law enforcement operation against Russian cybercriminals. The period was characterized by maximum-severity vulnerabilities achieving immediate weaponization, advanced persistent threat campaigns deploying next-generation malware, and coordinated international cybercrime… Read More »Weekly Report: New Hacking Techniques and Critical CVEs July 14-21, 2025

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches July 14-21, 2025

The week of July 14-21, 2025, marked an unprecedented surge in critical cybersecurity incidents, characterized by multiple zero-day exploitations, state-sponsored campaigns, and a significant data breach affecting millions of individuals. The security landscape witnessed five critical-severity incidents, including active exploitation of Microsoft SharePoint servers, CrushFTP file transfer systems, and Citrix NetScaler appliances. Concurrently, Chinese APT… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches July 14-21, 2025

Radiology Associates of Richmond Data Breach: Protecting Healthcare Data

Overview On July 18, 2025, Radiology Associates of Richmond disclosed a data breach exposing protected health and personal information of patients. The breach, reported by SecurityWeek, involved unauthorized access to systems, likely via phishing or exploited vulnerabilities. Explanation Attackers gained access through social engineering (e.g., phishing) or exploited vulnerabilities in public-facing systems, exfiltrating sensitive data.… Read More »Radiology Associates of Richmond Data Breach: Protecting Healthcare Data

Use Cases
Technology
About
Partner
Resources

©2024 FireCompass, All Rights Reserved.