Date of Incident: 2024 Overview: In 2024, Harrods experienced a data breach due to a third-party supplier vulnerability, affecting 430,000 customer records with names, contact details, and marketing information exposed. The breach, which became public in September 2025, did not compromise passwords, payment details, or order histories. Attackers used exploitation techniques like SQL Injection to… Read More »Harrods third-party supplier breach
During the week of 28 July – 4 August 2025, eight major cybersecurity incidents were disclosed across leading industry outlets. Adversaries leveraged zero-day exploits, social engineering, supply-chain compromises, misconfigurations, and phishing campaigns to exfiltrate sensitive data, deploy ransomware, and abuse infrastructure. Impacts ranged from private-message exposure to operational disruption of critical infrastructure. >>Outpace Attackers With… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 28 July – 4 Aug, 2025
Overview: Indian crypto exchange CoinDCX was breached, with attackers stealing wallet credentials and transaction data, causing $1.2M in losses. Technical Details: Attack Vector: Exploited CVE-2025-20281 (Cisco ISE injection vulnerability, CVSS 10.0) in a third-party payment gateway’s API endpoint (/admin/XXX) integrated with CoinDCX. Exploitation: Attackers sent crafted POST requests (Content-Type: application/json) with malicious SQL payloads (‘… Read More »CoinDCX Cryptocurrency Exchange Breach
Description: Deserialization vulnerability enabling unauthenticated RCE via the /_layouts/15/ToolPane.aspx endpoint. Technical Details: CVSS Score: 9.8 (Critical) Exploit: Attackers craft malicious ASPX payloads (spinstall0.aspx) to exploit unsafe deserialization, extracting ValidationKey and DecryptionKey from __VIEWSTATE. Spoofed Referer headers (/layouts/SignOut.aspx) bypass authentication. The exploit chains with CVE-2025-49704 (spoofing, CVSS 8.8) and CVE-2025-49706 (RCE bypass), deploying .dll payloads (SHA256:… Read More »CVE-2025-53770 (Microsoft SharePoint)
Overview French luxury brand Dior suffered a data breach exposing customer and employee data, attributed to Chinese state-sponsored actors, likely DCHSpy, linked to the ShinyHunters group via a third-party vendor breach (LVMH). Technical Details: Attack Vector: Exploited a misconfigured AWS S3 bucket with public read permissions (“Effect”: “Allow”, “Principal”: “*”) and no IAM role-based controls,… Read More »Dior Data Breach