The U.S. CISA has announced that Commvault is experiencing cyber threats targeting their Azure-hosted applications, possibly compromising client secrets in their Microsoft 365 backup service. This incident is linked to a zero-day vulnerability (CVE-2025-3928) exploited by sophisticated threat actors, prompting increased security measures. #CVE20253928 #Commvault #MicrosoftAzure
Keypoints
- Commvault’s Azure environment is under cyber threat, exposing customer application secrets.
- The threat actors exploited a zero-day vulnerability (CVE-2025-3928) in the Commvault Web Server.
- Authorized access was gained to some Microsoft 365 environments used by Commvault customers.
- Commvault has responded by rotating credentials and enhancing security measures.
- CISA recommends monitoring logs, restricting access, and deploying web application firewalls for protection.
Read More: https://thehackernews.com/2025/05/cisa-warns-of-suspected-broader-saas.html