April 25, 2025

Apple iPhone Targeted by Advanced Attackers

Apple has released emergency security updates for iOS/iPadOS, macOS, tvOS, and visionOS that fix two zero-day vulnerabilities (CVE-2025-31200, CVE-2025-31201) that have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.CVE-2025-31200 affects CoreAudio, an API Apple devices use for processing audio. The memory corruption vulnerability can be triggered with a maliciously crafted media file: when the audio […]
April 15, 2025

Zero-Day Supply Chain Breach Hits Real Estate Sector

Microsoft disclosed a critical zero-day vulnerability (CVE-2025-29824) in the Windows Common Log File System (CLFS) driver. The flaw was actively exploited by a threat group known as Storm-2460, which deployed PipeMagic malware to gain elevated privileges, harvest credentials, and execute ransomware attacks. While the broader campaign mainly impacted IT and technical service providers, the real estate sector was among the […]
April 10, 2025

Supply Chain Email Breach Hits Marketing Giants

A notable supply-chain email breach impacted marketing giants through the compromise of OAuth tokens associated with Salesloft’s Drift platform. This breach propagated through integrations such as Salesforce, affecting hundreds of companies, including high-profile security enterprises like Cloudflare, Zscaler, Palo Alto Networks, SpyCloud, and Tanium. Attackers exploited the interconnected nature of modern SaaS ecosystems, leveraging downstream trust to access sensitive credentials […]
April 5, 2025

 Massive Cyber-Attack Halts Marks & Spencer Operations

Marks & Spencer experienced a massive cyberattack that completely halted its online operations, including website and app transaction processing. While customers could still browse products, all new orders were suspended as a precautionary measure stores remained open for in-person shopping.The breach, which began during the Easter weekend, also disrupted click-and-collect services, contactless payments, and other in-store functionalities. M&S relied on […]

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.