Critical Threat Intelligence & Advisory Summaries
Active exploitation of vulnerability affecting Microsoft Office SharePoint Server products in the UK
Microsoft has published a security advisory detailing a vulnerability affecting on-premises SharePoint Server instances. Microsoft and the NCSC are aware that an exploit for this vulnerability exists in the wild and have observed active attacks.
The Russian state-sponsored cyber actor known as Midnight Blizzard has exfiltrated email correspondence between Federal Civilian Executive Branch (FCEB) agencies and Microsoft through a successful compromise of Microsoft corporate email accounts.
The NCSC is encouraging UK organisations to take immediate action to mitigate a vulnerability (CVE-2025-29927) affecting the Next.js framework used to build web applications.
A critical vulnerability affecting Docker, Kubernetes, and other containerisation technologies enables attackers to potentially gain unauthorised access to the host operating system.
Emergency Directive (ED) - Supplemental Direction V1: ED 24-01: Mitigate Ivanti Connect Secure and