Marks & Spencer breach linked to Scattered Spider ransomware attack 

Ongoing outages at British retail giant Marks & Spencer are caused by a ransomware attack believed to be conducted by threat actors known as “Scattered Spider” BleepingComputer has learned from multiple sources. 

Source: https://www.bleepingcomputer.com/news/security/marks-and-spencer-breach-linked-to-scattered-spider-ransomware-attack/

Harrods latest retailer to be hit by cyber attack
The luxury department store Harrods says it is the latest retailer to have been targeted by a cyber attack. The firm said it had “restricted internet access at our sites” following an attempt to gain access to its systems.

Source: https://www-bbc-co-uk.cdn.ampproject.org/c/s/www.bbc.co.uk/news/articles/c62x4zxe418o.amp

Co-op forced to shut down part of IT system after hack attempt

The Co-op has been forced to shut down parts of its IT system after discovering an attempted hack only days after Marks & Spencer faced a serious cyber-incident.

Source: https://www.theguardian.com/business/2025/apr/30/co-op-forced-to-shut-down-part-of-it-system-after-hack-attempt
  

Verizon 2025 Report Alarming Rise in Cyberattacks Via Third-Parties 

Verizon Business recently released its 2025 Data Breach Investigations Report (DBIR), revealing a disturbing trend in the cybersecurity landscape: third-party involvement in data breaches has doubled to 30% over the past year, creating unprecedented challenges for organizations worldwide. 

Source: https://cybersecuritynews.com/verizon-2025-report-alarming-rise-in-cyberattacks/
  

CISA Issues Warning on Commvault Web Server Flaw Exploited in the Wild 

The Cybersecurity and Infrastructure Security Agency (CISA) has added the Commvault Web Server vulnerability (CVE-2025-3928) to its Known Exploited Vulnerabilities (KEV) catalog, indicating that threat actors are actively exploiting this security flaw in the wild.   

Source: https://cybersecuritynews.com/cisa-commvault-web-server-flaw/
  

Hackers Leveraging GetShared to Deploy Malware Bypassing Defenses 

Cybercriminals have discovered a new attack vector utilizing the legitimate file-sharing service GetShared to distribute malware and conduct phishing campaigns. 

Source: https://cybersecuritynews.com/hackers-leveraging-getshared-to-deploy-malware/
  

SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients 

Cybersecurity company SentinelOne has revealed that a China-nexus threat cluster dubbed PurpleHaze conducted reconnaissance attempts against its infrastructure and some of its high-value customers. 

Source: https://thehackernews.com/2025/04/sentinelone-uncovers-chinese-espionage.html
  

Threat Actors Leverage Access to Valid Accounts via Phishing Attack  

In a significant shift observed during the first quarter of 2025, cybersecurity experts have documented a dramatic surge in phishing attacks, with threat actors increasingly using this vector to gain access to valid user accounts.  

Source: https://cybersecuritynews.com/threat-actors-leverage-access/
  

ResolverRAT Attacking Healthcare and Pharmaceutical Via Sophisticated Phishing Attacks 

A new sophisticated remote access trojan (RAT) has emerged as a significant threat to healthcare and pharmaceutical organizations worldwide. 

Source: https://cybersecuritynews.com/resolverrat-attacking-healthcare-and-pharmaceutical/
  

Cyber Security Company CEO Arrested for Installing Malware Onto Hospital Computers 

Jeffrey Bowie, CEO of cybersecurity firm Veritaco, was arrested on April 14, 2025, facing two counts of violating Oklahoma’s Computer Crimes Act for allegedly installing malware on computers at St. Anthony Hospital in Oklahoma City. 

Source: https://cybersecuritynews.com/cyber-security-company-ceo-arrested/ 
 

  

Smarttech247