- The state-nation computer pirates are abusing zero community to attack the SAAS companies
- CISA warns users to patch their systems
- A large -scale campaign is currently ongoing, it was said
The US cybersecurity and infrastructure security agency.
In a recently published security notice, the agency said the attack is being monitored and urged Commvault customers to mitigate possible risks.
Commvault’s flagship product. It is a cloud -based SAAS data protection platform that provides a safe back and recovery copy for Microsoft 365, final points, virtual machines, databases and other workloads. Everything is housed in Microsoft Azure, and CISA says that unidentified threat actors “may have accessed the client’s secrets for the SaaS of Backup Microsoft 365 of Commvault (metallic).”
“This provided that the actors of threat unauthorized access to the M365 environments of Commvault customers who have secrets stored by Commvault.”
At the same time, Commvault published a blog post in which he said Microsoft contacted to warn about a sponsored cyber attack on the state.
The company confirmed that a “handful of customers” was directed through a zero-hi-closed day vulnerability such as CVE-2025-3928, a failure not specified on the Commvault web server that can be exploited by a remote and authenticated attacker.
CISA added it to its catalog of known exploited vulnerabilities (KEV) on April 28, giving federal civil executive branch agencies (FCEB) a deadline of three weeks to repair things. The error was solved in versions 11.36.46, 11.32.89, 11.28.141 and 11.20.217 for Windows and Linux platforms.
“CISA believes that the threat activity can be part of a larger campaign aimed at cloud applications of several SAAS companies with predetermined configurations and high permits,” added the agency in the notice.
The agency has also made a list of mitigations that companies must continue to minimize the possibilities of being beaten. These include monitoring the Enter audit records, reviewing the Microsoft records, reviewing the list of application records and service principles, and more. The whole list can be found in This link.
Through The registration
