Cyber defenders warn about hackers targeting Commvault’s cloud applications hosted in Microsoft Azure, especially those using default configurations and elevated permissions. The breach involved access to client secrets for Microsoft’s SaaS backup solutions, but customer data remained protected. #CVE20253928 #Commvault #AzureThreats
Keypoints
- Hackers are actively targeting Commvault’s cloud environment in a campaign affecting SaaS applications.
- The breach exploited a zero-day vulnerability identified as CVE-2025-3928.
- Access was gained to client secrets used for Microsoft 365 backup services hosted on Azure.
- Commvault has reassured that customer backup data was not accessed during the incident.
- Authorities recommend actions such as log monitoring and credential rotation to enhance security.
Read More: https://therecord.media/commvault-clients-cloud-applications-cyberthreat-cisa-alert