Sign in Subscribe

Threat Intelligence

Incident Response Spotlight: Marks & Spencer Ransomware Crisis

Incident Response Spotlight: Marks & Spencer Ransomware Crisis

Incident Overview In July 2025, Marks & Spencer (M&S), one of the UK's biggest retailers, fell victim to a ransomware attack attributed to the Scattered Spider group. The breach originated through a third-party vendor, not M&S directly, underscoring the dangers of supply chain compromise.

ToolShell in the Wild: Microsoft SharePoint Zero-Day (CVE-2025-53770 & CVE-2025-53771)

ToolShell in the Wild: Microsoft SharePoint Zero-Day (CVE-2025-53770 & CVE-2025-53771)

What You Need To Know Microsoft's zero-day vulnerability chain–codenamed ToolShell–combines CVE-2025-53770 (deserialization) and CVE-2025-53771 (authentication bypass) to enable unauthenticated remote code execution (RCE) on on-premises SharePoint Server. This exploit actively used by threat actors and has caused widespread compromise.

🔍 Inside the Threat: How Threat Intelligence Helps Stop Attacks Before They Happen

🔍 Inside the Threat: How Threat Intelligence Helps Stop Attacks Before They Happen

🧠 What Is Threat Intelligence? Threat intelligence is more than just data — it’s actionable knowledge. It involves collecting, analyzing, and applying information about current and potential cyber threats to improve decision-making and proactively defend systems. In simpler terms, threat intelligence helps organizations predict, detect, and respond to attacks faster and