The Russian state-sponsored cyber actor known as Midnight Blizzard has exfiltrated email correspondence between Federal Civilian Executive Branch (FCEB) agencies and Microsoft through a successful compromise of Microsoft corporate email accounts.
The NCSC is encouraging UK organisations to take immediate action to mitigate a vulnerability (CVE-2025-29927) affecting the Next.js framework used to build web applications.
A critical vulnerability affecting Docker, Kubernetes, and other containerisation technologies enables attackers to potentially gain unauthorised access to the host operating system.
Emergency Directive (ED) - Supplemental Direction V1: ED 24-01: Mitigate Ivanti Connect Secure and
COOKIE / PRIVACY POLICY: This website uses essential cookies required for basic site functionality. We also use analytics cookies to understand how the website is used. We do not use cookies for marketing or personalization, and we do not sell or share any personal data with third parties.