Critical Threat Intelligence & Advisory Summaries

U.K NCSC

Active exploitation of vulnerability affecting Microsoft Office SharePoint Server products in the UK

Government & Regulatory Alerts

Microsoft has published a security advisory detailing a vulnerability affecting on-premises SharePoint Server instances. Microsoft and the NCSC are aware that an exploit for this vulnerability exists in the wild and have observed active attacks.

ED 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System

ED 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System

Government & Regulatory Alerts

The Russian state-sponsored cyber actor known as Midnight Blizzard has exfiltrated email correspondence between Federal Civilian Executive Branch (FCEB) agencies and Microsoft through a successful compromise of Microsoft corporate email accounts.

U.K NCSC

Vulnerability affecting Next.js web development framework

Government & Regulatory Alerts

The NCSC is encouraging UK organisations to take immediate action to mitigate a vulnerability (CVE-2025-29927) affecting the Next.js framework used to build web applications. 

Monthly Vulnerability Roundup - October 2025

Monthly Vulnerability Roundup - October 2025

Vulnerabililty Intelligence

October 2025 notable vulnerabilities and related headlines summary.

Monthly Vulnerability Roundup - September 2025

Monthly Vulnerability Roundup - September 2025

Vulnerabililty Intelligence

September 2025 notable vulnerabilities and related headlines summary.

Page 7 of 9

By using this site, you agree to our Terms & Conditions.

COOKIE / PRIVACY POLICY: This website uses essential cookies required for basic site functionality. We also use analytics cookies to understand how the website is used. We do not use cookies for marketing or personalization, and we do not sell or share any personal data with third parties.

Terms & Privacy Policy