{"id":4559,"date":"2025-05-06T08:47:27","date_gmt":"2025-05-06T07:47:27","guid":{"rendered":"https:\/\/www.d2na.com\/?p=4559"},"modified":"2025-05-06T08:52:27","modified_gmt":"2025-05-06T07:52:27","slug":"weekly-security-news-6th-may-2025","status":"publish","type":"post","link":"https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/","title":{"rendered":"Weekly Security News – 6th May 2025"},"content":{"rendered":"<\/span> 7<\/span> mins read<\/span><\/span>\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

M&S and the Co-Op under attack, SonicWall warns of more VPN flaws and Google says 75 zero-days were exploited last year...<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Welcome to this week’s Security News. We’ve collated the best articles from the around the internet and put them all into one place. If you have any queries or concerns about anything in this week’s news, then please get in touch with our team who can advise further. For our existing clients, if we believe anything may affect your organisation, our team will be in touch directly.\u00a0<\/p>\n

<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Vulnerabilities and Patches<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

ConnectWise Releases Security Update for ScreenConnect<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

ConnectWise has released a security update addressing a flaw in on-premises ScreenConnect deployments. The flaw is within ASP.Net Web Forms which use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys.<\/p>

An attacker with privileged system access may be able to obtain the machine keys, allowing them to create and send a malicious ViewState to the website, potentially leading to\u00a0remote code execution\u00a0(RCE) on the server. Microsoft have reported limited exploitation of a similar flaw within their security blog ‘Code injection attacks using publicly disclosed ASP.NET machine keys’. While ConnectWise has not reported exploitation of ScreenConnect instances through this flaw, Microsoft have observed attackers with access to machine keys performing ViewState code injection attacks against other, undisclosed, technologies in the wild. The ScreenConnect update disables ViewState and removes any dependency on it. ScreenConnect version 25.2.3 and earlier versions can potentially be subject to ViewState code injection attacks. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys, privileged system level access must be obtained. It is crucial to understand that this issue could potentially impact any product utilizing ASP.NET framework ViewStates, and ScreenConnect is not an outlier. For self-hosted users with active maintenance are strongly encouraged to update to the latest release, 25.2.4, which offers vital security updates, bug fixes, and improvements not available in previous versions. The upgrade path to version 25.2.4 is as follows: 22.8 \u2192 23.3 \u2192 25.2.4.\u00a0\u00a0<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

SonicWall warns of more VPN flaws exploited in attacks<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Cybersecurity company SonicWall has warned customers that several vulnerabilities impacting its Secure Mobile Access (SMA) appliances are now being actively exploited in attacks.\u00a0<\/p>

On Tuesday, SonicWall updated security advisories for the CVE-2023-44221 and CVE-2024-38475 security flaws to tag the two vulnerabilities as “potentially being exploited in the wild\u201d. CVE-2023-44221 is described as a high-severity command injection vulnerability caused by improper neutralization of special elements in the SMA100 SSL-VPN management interface that enables attackers with admin privileges to inject arbitrary commands as a ‘nobody’ user. The second security bug, CVE-2024-38475, is rated as a critical severity flaw caused by improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier.\u00a0<\/p>

Successful exploitation can allow unauthenticated, remote attackers to gain code execution by mapping URLs to file system locations permitted to be served by the server. The two vulnerabilities impact SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v devices and are patched in firmware version 10.2.1.14-75sv and later. “During further analysis, SonicWall and trusted security partners identified an additional exploitation technique using CVE-2024-38475, through which unauthorized access to certain files could enable session hijacking,” SonicWall warned in an updated advisory. “During further analysis, SonicWall and trusted security partners identified that ‘CVE-2023-44221 – Post Authentication OS Command Injection’ vulnerability is potentially being exploited in the wild,” it added. “SonicWall PSIRT recommends that customers review their SMA devices to ensure no unauthorized logins.”<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Cyber Attacks<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Marks & Spencer breach linked to Scattered Spider ransomware attack<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Marks & Spencer (M&S) says it has stopped taking online orders as the company struggles to recover from a cyber-attack. Customers began reporting problems last weekend, and on Tuesday the retailer confirmed it was facing a “cyber incident”.\u00a0<\/p>

Now, M&S has entirely paused orders on its website and apps – including for food deliveries and clothes – and says it will refund orders placed by customers on Friday. The firm’s shares fell by 5% following the announcement, before recovering. Online orders remained paused on Saturday morning. “We are truly sorry for this inconvenience,” the retailer wrote in a post on X, external. “Our experienced team – supported by leading cyber experts – is working extremely hard to restart online and app shopping.\u00a0<\/p>

The ongoing outages are caused by a ransomware attack that encrypted the company’s servers. The threat actors are believed to have first breached M&S as early as February, when they reportedly stole the Windows domain’s NTDS.dit file. An NTDS.dit file is the main database for Active Directory Services running on a Windows domain controller. This file contains the password hashes for Windows accounts, which can be extracted by threat actors and cracked offline to gain access to associated plain-text passwords. Using these credentials, a threat actor can then laterally spread throughout the Windows domain, while stealing data from network devices and servers. Sources said that the threat actors ultimately deployed the DragonForce encryptor\u00a0to VMware ESXi hosts on April 24th to encrypt virtual machines. The investigation so far indicates that hackers associated with tactics known as Scattered Spider, or as Microsoft calls them, Octo Tempest, are behind the attack. When contacted with this information, M&S said that they could not go into details about the cyber incident.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Co-op shuts down part of IT network after cyberattack attempt<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

\u200b<\/span>The Co-operative Group has been forced to temporarily shut down parts of its IT infrastructure following an attempted cyberattack, just days after Marks & Spencer (M&S) suffered a significant cybersecurity breach. In a letter to staff sent Tuesday and seen by The Guardian, the Co-op confirmed it had “taken steps to keep systems safe” by pre-emptively withdrawing “access to some systems for the moment\u201d. The move impacts internal business operations across several divisions, including grocery retail and legal services.<\/p>

The group, which operates more than 2,000 grocery stores and over 800 funeral parlours, acknowledged that services used by back-office teams and those managing store operations had been curtailed. Sources familiar with the matter revealed that the stock monitoring system is among those affected, warning that some shelves could see shortages if the issue persists. Remote work capabilities have also been restricted. As of Wednesday, some employees were unable to access systems from home after the company blocked virtual desktops. Despite the disruption, all Co-op retail stores, including rapid delivery services, and funeral homes continue to operate as normal. “We have recently experienced attempts to gain unauthorised access to some of our systems,” a Co-op spokesperson told The Guardian. “As a result, we have taken proactive steps to keep our systems safe, which has resulted in a small impact to some of our back office and call centre services.” The National Cyber Security Centre (NCSC) confirmed it is working with the Co-op in response to the incident and is also investigating the attack on M&S, exploring possible links between the two. At present, the Co-op has not reported any compromise of customer data. “We are not asking our members or customers to do anything differently at this point,” the spokesperson said, adding that the business would continue to provide updates as needed.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

In Other News...<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Google Reports 75 Zero-Days Exploited in 2024 \u2014 44% Targeted Enterprise Security Products<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Google has revealed that it observed 75 zero-day vulnerabilities exploited in the wild in 2024, down from 98 in 2023 but an increase from 63 the year before.\u00a0<\/span><\/p>

Of the 75 zero-days, 44% of them targeted enterprise products. As many as 20 flaws were identified in security software and appliances. “Zero-day exploitation of browsers and mobile devices fell drastically, decreasing by about a third for browsers and by about half for mobile devices compared to what we observed last year,” the Google Threat Intelligence Group (GTIG) said in a report shared with The Hacker news. “Exploit chains made up of multiple zero-day vulnerabilities continue to be almost exclusively (~90%) used to target mobile devices.” While Microsoft Windows accounted for 22 of the zero-day flaws exploited in 2024, Apple’s Safari had three, iOS had two, Android had seven, Chrome had seven, and Mozilla Firefox had one flaw that were abused during the same period.\u00a0<\/span>Three of the seven zero-days exploited in Android were found in third-party components.\u00a0<\/span><\/p>

Among the exploited 33 zero-days in enterprise software and appliances, 20 of them targeted security and network products, such as those from Ivanti, Palo Alto Networks, and Cisco. “Security and network tools and devices are designed to connect widespread systems and devices with high permissions required to manage the products and their services, making them highly valuable targets for threat actors seeking efficient access into enterprise networks,” GTIG researchers noted. In all, a total of 18 unique enterprise vendors were targeted in 2024, in comparison to 12 in 2021, 17 in 2022, and 22 in 2023. The companies with the most targeted zero-days were Microsoft (26), Google (11), Ivanti (7), and Apple (5). Google, which defines zero-days as vulnerabilities exploited in the wild before a patch is made publicly available, said state-backed cyber espionage was still the leading motivation behind the exploitation of a significant chunk of the bugs.<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

CISA tags Broadcom Fabric OS, CommVault flaws as exploited in attacks<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Earlier this month, Broadcom disclosed an arbitrary code execution flaw impacting Fabric OS versions 9.1.0 through 9.1.1d6, tracked under CVE-2025-1976.\u00a0<\/span><\/p>

While the flaw requires admin privileges to exploit, Broadcom says it has been actively exploited in attacks. “This vulnerability can allow the user to execute any existing Fabric OS command or can also be used to modify the Fabric OS itself, including adding their own subroutines,” reads Broadcom’s bulletin. “Even though achieving this exploit first requires valid access to a role with admin privileges, this vulnerability has been actively exploited in the field\u201d. CVE-2025-1976 was addressed with the release of Brocade Fabric OS 9.1.1d7.\u00a0<\/span><\/p>

The latest branch, 9.2.0, is not impacted by this vulnerability. The Commvault flaw, tracked under CVE-2025-3928, is an unspecified security problem that authenticated attackers can exploit remotely to plant webshells on target servers. Commvault web servers are user-facing and API components of a backup system used by enterprises to protect and restore critical data. Despite the requirements for authentication and exposure of the environment to the internet, the flaw is under active exploitation in the wild. CVE-2025-3928 was fixed in versions 11.36.46, 11.32.89, 11.28.141, and 11.20.217 for Windows and Linux platforms. The third flaw CISA added to KEV is CVE-2025-42599, a stack-based buffer overflow problem impacting all versions of Active! up to and including ‘BuildInfo: 6.60.05008561’ on all OS platforms. Active! mail is a web-based email client widely used by government, financial, and IT service organizations in Japan. The flaw was flagged as actively exploited last week by Japan’s CERT, while SMB providers and ISPs in the country also announced service outages caused by related exploitation activity.<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

<\/span> 7<\/span> mins read<\/span><\/span>M&S and the Co-Op under attack, SonicWall warns of more VPN flaws and Google says 75 zero-days were exploited last year… Welcome to this week’s Security News. We’ve collated the best articles from the around the internet and put them all into one place. If you have any queries or concerns about anything in this […]<\/p>\n","protected":false},"author":1,"featured_media":4567,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[355],"tags":[287,285,286,289,288,284],"class_list":["post-4559","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-news","tag-cyber-attacks","tag-cyber-security","tag-news","tag-patches","tag-vulnerabilities","tag-weekly-security-news"],"yoast_head":"\nWeekly Security News - 6th May 2025 - D2NA<\/title>\n<meta name=\"description\" content=\"Marks & Spencer and the Co-Op under attack, SonicWall warns of more VPN flaws and Google says 75 zero-days were exploited last year...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Weekly Security News - 6th May 2025\" \/>\n<meta property=\"og:description\" content=\"Marks & Spencer and the Co-Op under attack, SonicWall warns of more VPN flaws and Google says 75 zero-days were exploited last year...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/\" \/>\n<meta property=\"og:site_name\" content=\"D2NA\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-06T07:47:27+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-05-06T07:52:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/05\/2025-05-06.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"628\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Shaun Conway\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@D2NA\" \/>\n<meta name=\"twitter:site\" content=\"@D2NA\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Shaun Conway\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/06\\\/weekly-security-news-6th-may-2025\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/06\\\/weekly-security-news-6th-may-2025\\\/\"},\"author\":{\"name\":\"Shaun Conway\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/person\\\/624fbd3965489b22f6dcfc6d7eb4fb36\"},\"headline\":\"Weekly Security News – 6th May 2025\",\"datePublished\":\"2025-05-06T07:47:27+00:00\",\"dateModified\":\"2025-05-06T07:52:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/06\\\/weekly-security-news-6th-may-2025\\\/\"},\"wordCount\":1819,\"publisher\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/06\\\/weekly-security-news-6th-may-2025\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/2025-05-06.jpeg\",\"keywords\":[\"cyber attacks\",\"cyber security\",\"news\",\"patches\",\"vulnerabilities\",\"weekly security news\"],\"articleSection\":[\"Security News\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/06\\\/weekly-security-news-6th-may-2025\\\/\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/06\\\/weekly-security-news-6th-may-2025\\\/\",\"name\":\"Weekly Security News - 6th May 2025 - D2NA\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/06\\\/weekly-security-news-6th-may-2025\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/06\\\/weekly-security-news-6th-may-2025\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/2025-05-06.jpeg\",\"datePublished\":\"2025-05-06T07:47:27+00:00\",\"dateModified\":\"2025-05-06T07:52:27+00:00\",\"description\":\"Marks & Spencer and the Co-Op under attack, SonicWall warns of more VPN flaws and Google says 75 zero-days were exploited last year...\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/06\\\/weekly-security-news-6th-may-2025\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/06\\\/weekly-security-news-6th-may-2025\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/06\\\/weekly-security-news-6th-may-2025\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/2025-05-06.jpeg\",\"contentUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/2025-05-06.jpeg\",\"width\":1200,\"height\":628,\"caption\":\"2025-05-06\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/06\\\/weekly-security-news-6th-may-2025\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.d2na.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Weekly Security News – 6th May 2025\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#website\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/\",\"name\":\"D2NA\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.d2na.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\",\"name\":\"D2 Network Associates Limited\",\"alternateName\":\"D2NA\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Header-Logo.png\",\"contentUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Header-Logo.png\",\"width\":180,\"height\":60,\"caption\":\"D2 Network Associates Limited\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/D2NA\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/d2-network-associates-ltd\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/person\\\/624fbd3965489b22f6dcfc6d7eb4fb36\",\"name\":\"Shaun Conway\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"caption\":\"Shaun Conway\"},\"sameAs\":[\"https:\\\/\\\/www.d2na.com\"],\"url\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/author\\\/shaun-conway\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Weekly Security News - 6th May 2025 - D2NA","description":"Marks & Spencer and the Co-Op under attack, SonicWall warns of more VPN flaws and Google says 75 zero-days were exploited last year...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/","og_locale":"en_GB","og_type":"article","og_title":"Weekly Security News - 6th May 2025","og_description":"Marks & Spencer and the Co-Op under attack, SonicWall warns of more VPN flaws and Google says 75 zero-days were exploited last year...","og_url":"https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/","og_site_name":"D2NA","article_published_time":"2025-05-06T07:47:27+00:00","article_modified_time":"2025-05-06T07:52:27+00:00","og_image":[{"width":1200,"height":628,"url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/05\/2025-05-06.jpeg","type":"image\/jpeg"}],"author":"Shaun Conway","twitter_card":"summary_large_image","twitter_creator":"@D2NA","twitter_site":"@D2NA","twitter_misc":{"Written by":"Shaun Conway","Estimated reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/#article","isPartOf":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/"},"author":{"name":"Shaun Conway","@id":"https:\/\/www.d2na.com\/#\/schema\/person\/624fbd3965489b22f6dcfc6d7eb4fb36"},"headline":"Weekly Security News – 6th May 2025","datePublished":"2025-05-06T07:47:27+00:00","dateModified":"2025-05-06T07:52:27+00:00","mainEntityOfPage":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/"},"wordCount":1819,"publisher":{"@id":"https:\/\/www.d2na.com\/#organization"},"image":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/05\/2025-05-06.jpeg","keywords":["cyber attacks","cyber security","news","patches","vulnerabilities","weekly security news"],"articleSection":["Security News"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/","url":"https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/","name":"Weekly Security News - 6th May 2025 - D2NA","isPartOf":{"@id":"https:\/\/www.d2na.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/#primaryimage"},"image":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/05\/2025-05-06.jpeg","datePublished":"2025-05-06T07:47:27+00:00","dateModified":"2025-05-06T07:52:27+00:00","description":"Marks & Spencer and the Co-Op under attack, SonicWall warns of more VPN flaws and Google says 75 zero-days were exploited last year...","breadcrumb":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/#primaryimage","url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/05\/2025-05-06.jpeg","contentUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/05\/2025-05-06.jpeg","width":1200,"height":628,"caption":"2025-05-06"},{"@type":"BreadcrumbList","@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/06\/weekly-security-news-6th-may-2025\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.d2na.com\/"},{"@type":"ListItem","position":2,"name":"Weekly Security News – 6th May 2025"}]},{"@type":"WebSite","@id":"https:\/\/www.d2na.com\/#website","url":"https:\/\/www.d2na.com\/","name":"D2NA","description":"","publisher":{"@id":"https:\/\/www.d2na.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.d2na.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.d2na.com\/#organization","name":"D2 Network Associates Limited","alternateName":"D2NA","url":"https:\/\/www.d2na.com\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.d2na.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/12\/Header-Logo.png","contentUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/12\/Header-Logo.png","width":180,"height":60,"caption":"D2 Network Associates Limited"},"image":{"@id":"https:\/\/www.d2na.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/D2NA","https:\/\/www.linkedin.com\/company\/d2-network-associates-ltd\/"]},{"@type":"Person","@id":"https:\/\/www.d2na.com\/#\/schema\/person\/624fbd3965489b22f6dcfc6d7eb4fb36","name":"Shaun Conway","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","caption":"Shaun Conway"},"sameAs":["https:\/\/www.d2na.com"],"url":"https:\/\/www.d2na.com\/index.php\/author\/shaun-conway\/"}]}},"_links":{"self":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4559","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/comments?post=4559"}],"version-history":[{"count":8,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4559\/revisions"}],"predecessor-version":[{"id":4568,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4559\/revisions\/4568"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/media\/4567"}],"wp:attachment":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/media?parent=4559"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/categories?post=4559"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/tags?post=4559"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}