Stay on top of the latest cyber alerts.
We share to empower.
- On May 22, 2025, the CISA released a new Advisory Update on Cyber Threat Activity Targeting Commvault’s SaaS Cloud Application (Metallic). Commvault is monitoring cyber threat activity targeting their applications hosted in their Microsoft Azure cloud environment. Threat actors may have accessed client secrets for Commvault’s (Metallic) Microsoft 365 (M365) backup software-as-a-service (SaaS) solution, hosted in Azure. This provided the threat actors with unauthorized access to Commvault’s customers’ M365 environments that have application secrets stored by Commvault.
CISA believes the threat activity may be part of a larger campaign targeting various SaaS companies’ cloud applications with default configurations and elevated permissions.
(Source: CISA.gov) - On May 21, 2025, the Cyber Threat Alert Level remained at Blue (Guarded) due to identified vulnerabilities in Ivanti and Google products, specifically Ivanti Endpoint Manager Mobile and Google Chrome. These vulnerabilities, such as potential remote code execution in Ivanti and arbitrary code execution in Google Chrome, could allow attackers to gain unauthorized access and control.
Cyber Threat Alert Level: This level indicates the current threat landscape and is used to communicate the need for heightened security awareness and actions.
Ivanti Endpoint Manager Mobile: This product has been identified with vulnerabilities that could be exploited by attackers to gain remote access and potentially execute code.
Google Chrome: A vulnerability has been discovered in Google Chrome that could lead to arbitrary code execution.
Remediation: Organizations are advised to update and apply all relevant vendor security patches to affected systems and to keep their antivirus signatures up-to-date.
(Source: Center for Internet Security) - On May 21, 2025, the CISA release a new Advisory Update on Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint advisory to disseminate known tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with threat actors deploying the LummaC2 information stealer (infostealer) malware. LummaC2 malware is able to infiltrate victim computer networks and exfiltrate sensitive information, threatening vulnerable individuals’ and organizations’ computer networks across multiple U.S. critical infrastructure sectors. According to FBI information and trusted third-party reporting, this activity has been observed as recently as May 2025. The IOCs included in this advisory were associated with LummaC2 malware infections from November 2023 through May 2025.The FBI and CISA encourage organizations to implement the recommendations in the Mitigations section of this advisory to reduce the likelihood and impact of LummaC2 malware.
(Source: CISA.gov)
Contact Us
