{"id":4616,"date":"2025-05-19T08:54:59","date_gmt":"2025-05-19T07:54:59","guid":{"rendered":"https:\/\/www.d2na.com\/?p=4616"},"modified":"2025-05-19T09:01:32","modified_gmt":"2025-05-19T08:01:32","slug":"weekly-security-news-19th-may-2025","status":"publish","type":"post","link":"https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/","title":{"rendered":"Weekly Security News – 19th May 2025"},"content":{"rendered":"<\/span> 5<\/span> mins read<\/span><\/span>\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Lots of critical patches for Fortinet, Microsoft, Apple and Adobe, an update on the M&S cyber attack and Dior targeted...<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Welcome to this week’s Security News. We’ve collated the best articles from the around the internet and put them all into one place. If you have any queries or concerns about anything in this week’s news, then please get in touch with our team who can advise further. For our existing clients, if we believe anything may affect your organisation, our team will be in touch directly.\u00a0<\/p>\n

<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Vulnerabilities and Patches<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Fortinet Releases Multiple Security Advisories<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Fortinet has released security advisories to two critical vulnerabilities. The security advisories address one critical vulnerability in FortiOS, FortiProxy and FortiSwitchManager, and an exploited vulnerability in FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera.<\/p>

  • Fortinet FortiOS \u2013 7.6.0, 7.4.4 through 7.4.6<\/li>
  • Fortinet FortiProxy \u2013 7.6.0 through 7.6.1<\/li>
  • Fortinet FortiSwitch Manager \u2013 7.2.5<\/li>
  • FortiCamera \u2013 all versions, 2.0 all versions, 2.1.0 through 2.1.3<\/li>
  • FortiRecorder \u2013 6.4.0 through 6.4.5, 7.0.0 through 7.0.5, 7.2.0 through 7.2.3<\/li>
  • FortiMail \u2013 7.0.0 through 7.0.8, 7.2.0 through 7.2.7, 7.4.0 through 7.4.4, 7.6.0 through 7.6.2<\/li>
  • FortiNDR \u2013 1.1 all versions, 1.2 all versions, 1.3 all versions, 1.4 all versions, 1.5 all versions, 7.0.0 through 7.0.6, 7.1 all versions, 7.2.0 through 7.2.4, 7.4.0 through 7.4.7,7.6.0<\/li>
  • FortiVoice \u2013 6.4.0 through 6.4.10, 7.0.0 through 7.0.6, 7.2.0<\/li><\/ul>

    CVE-2025-32756 is a ‘stack-based buffer overflow’ vulnerability with a CVSSv3 score of 9.6. Successful exploitation could allow a remote unauthenticated attacker to execute arbitrary code or commands via crafted HTTP requests. CVE-2025-22252 is an ‘authentication for critical function’ vulnerability with a CVSSv3 score of 9.0 in FortiOS, FortiProxy, and FortiSwitchManager products that are configured to use TACACS+ with ASCII authentication. Successful exploitation could allow an attacker with limited privileges to bypass authentication and gain administrator access to the device. Affected organisations are encouraged to review Fortinet’s Security Advisories and apply the relevant updates as soon as practicable.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    Microsoft Releases May 2025 Security Updates<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    Microsoft has released security updates to address 72 vulnerabilities in Microsoft products. The updates include five critical and 66 important severity vulnerabilities. In this month\u2019s updates, Microsoft has addressed five zero-day vulnerabilities being exploited in the wild. Microsoft has reported that the following vulnerabilities are under active exploitation:<\/p>

    • CVE-2025-30400 – Microsoft DWM Core Library Elevation of Privilege Vulnerability<\/li>
    • CVE-2025-32701 – Windows Common Log File System Driver Elevation of Privilege Vulnerability\u00a0<\/li>
    • CVE-2025-32706 – Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/li>
    • CVE-2025-32709 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability<\/li>
    • CVE-2025-30397 – Scripting Engine Memory Corruption Vulnerability<\/li><\/ul>

      Microsoft Patch Tuesday, May edition includes updates for vulnerabilities in Windows Routing and Remote Access Service (RRAS), Windows Virtual Machine Bus, Windows Installer, Windows Drivers, Windows File Server, Azure, Windows Win32K \u2013 GRFX, Microsoft Scripting Engine, and more. Microsoft has fixed several flaws in multiple software, including Spoofing, Denial of Service (DoS), Elevation of Privilege (EoP), Information Disclosure, and Remote Code Execution (RCE). This month\u2019s release notes cover multiple Microsoft product families and products\/versions affected hence, affected organisations are encouraged to review Microsoft’s\u00a0May\u00a02025 Security Updates\u00a0and\u00a0apply the relevant updates as soon as practicable.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

      \n\t\t\t\t\t\t
      \n\t\t\t\t\t
      \n\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t
      \n\t\t\t\t\t

      Cyber Attacks<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t\t
      \n\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t
      \n\t\t\t\t\t

      M&S says customer data stolen in cyberattack, forces password resets<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
      \n\t\t\t\t
      \n\t\t\t\t\t\t\t\t\t

      Marks and Spencer (M&S) confirms that customer data was stolen in a cyberattack last month, when ransomware was used to encrypt servers. The attack occurred on 22nd April 2025, significantly impacting business operations on the retailer’s 1,400 stores, forcing it to stop accepting online orders.\u00a0<\/p>

      The attacks were conducted by DragonForce ransomware affiliates utilizing Scattered Spider social engineering tactics to breach Marks and Spencer’s network. During the attack, the threat actors encrypted VMware ESXi virtual machines hosted on the company’s servers. Since then, M&S has been investigating the attack and confirmed that the intruders stole sensitive personal information belonging to customers. This was announced by M&S CEO, Stuart Machin, who posted a letter on the retailer’s official Facebook page. “As we continue to manage the current cyber incident, we have written to customers today to let them know that unfortunately, some personal customer information has been taken,” states Machin. “Importantly, there is no evidence that the information has been shared, and it does not include usable card or payment details, or account passwords, so there is no need for customers to take any action\u201d.\u00a0<\/p>

      Despite these assurances, all customers with active M&S accounts will be prompted to reset their password the next time they attempt to log in via the website or app. M&S said it would notify all impacted customers accordingly and promised to share more details when those become available.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

      \n\t\t\t\t\t\t
      \n\t\t\t\t\t
      \n\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t
      \n\t\t\t\t\t

      Fashion giant Dior discloses cyberattack, warns of data breach<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
      \n\t\t\t\t
      \n\t\t\t\t\t\t\t\t\t

      House of Dior, the French luxury fashion brand commonly referred to as Dior, has disclosed a cybersecurity incident that has exposed customer information. A spokesperson for the firm said that the incident impacts Dior Fashion and Accessories customers. Currently, cybersecurity experts are investigating the incident to determine its scope. \u201cThe House of Dior recently discovered that an unauthorized external party accessed some of the data we hold for our Dior Fashion and Accessories customers,\u201d stated the spokesperson. \u201cWe immediately took steps to contain this incident. The teams at Dior, supported by leading cybersecurity experts, continue to investigate and respond to the incident\u201d.\u00a0<\/p>

      Dior clarified that the incident did not expose account passwords or payment card information, as these were\u00a0stored in a different database that remained unaffected. \u201cNo passwords or payment information, including bank account or payment card information, were in the database affected in the incident. We are working to notify relevant regulators and customers in line with applicable law. The confidentiality and security of our customers\u2019 data is an absolute priority for the House of Dior. We sincerely regret any concern or inconvenience this matter may cause our customers\u201d.\u00a0<\/p>

      Although Dior did not specify the number of customers and the regions impacted, there is a notification confirming its South Korean website being affected. There also some reports about Chinese customers receiving data breach notifications from the fashion house. According to screenshots of the notices shared online, the incident was discovered on May 7, involving unauthorized personnel access, and exposed the information such as Full name, Gender, Phone number, Email address, Postal address, Purchase history.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

      \n\t\t\t\t\t\t
      \n\t\t\t\t\t
      \n\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t
      \n\t\t\t\t\t

      In Other News...<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t\t
      \n\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t
      \n\t\t\t\t\t

      Apple Releases Security Updates for Multiple Products<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
      \n\t\t\t\t
      \n\t\t\t\t\t\t\t\t\t

      Apple has released nine security advisories to address multiple vulnerabilities in\u00a0iOS, iPadOS,\u00a0macOS Ventura,\u00a0macOS Sonoma,\u00a0macOS Sequoia, watchOS, tvOS, visionOS and Safari.<\/p>

      • iOS \u2013 all prior to 18.5<\/li>
      • iPadOS – all prior to 18.5<\/li>
      • macOS Sequoia – all prior to 15.5<\/li>
      • macOS Sonoma – all prior to 14.7.6<\/li>
      • macOS Ventura – all prior to 13.7.6<\/li>
      • watchOS – all prior to 11.5<\/li>
      • tvOS – all prior to 18.5<\/li>
      • visionOS – all prior to 2.5<\/li>
      • Safari – all prior to 18.5<\/li><\/ul>

        Apple has released software updates to address multiple security vulnerabilities that could lead to memory corruption or privilege escalation. CVE-2025-31219 is a vulnerability that impacts the memory handling in Kernel that could allow an attacker to cause unexpected system termination or kernel memory corruption. CVE-2025-31223 and CVE-2025-31238 vulnerabilities in WebKit may lead to memory corruption during the processing of maliciously crafted web content. CVE-2025-31222 is a correctness issue in mDNSResponder that may allow an attacker to escalate privileges and gain SYSTEM privileges under certain conditions. Affected organisations are encouraged to review Apple security releases and apply the relevant updates.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

        \n\t\t\t\t\t\t
        \n\t\t\t\t\t
        \n\t\t\t
        \n\t\t\t\t\t\t
        \n\t\t\t\t
        \n\t\t\t\t\t

        Adobe Patches Big Batch of Critical-Severity Software Flaws<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
        \n\t\t\t\t
        \n\t\t\t\t\t\t\t\t\t

        Software maker Adobe has released patches for at least 39 vulnerabilities across a range of products alongside warnings about remote code execution exploit risks and successful exploitation of these vulnerabilities may lead to\u00a0privilege escalation and\u00a0arbitrary code execution.<\/span><\/p>

        \u00a0The Patch Tuesday rollout is headlined by a major Adobe ColdFusion update that addresses a wide swatch of code execution and privilege escalation attacks. The Adobe ColdFusion bulletin documents 7 distinct vulnerabilities marked as \u2018critical\u2019 and Adobe warned that these could lead to<\/span>\u202f<\/span>arbitrary file system read, arbitrary code execution and privilege escalation.\u00a0 The critical bugs carry a CVSS severity score of 9.1\/10. The widely deployed Adobe Photoshop software was also updated to fix three critical-severity bugs with code execution risks and the company also flagged a critical bug in Adobe Illustrator that should be patched with urgency.\u00a0<\/span><\/p>

        The company also fixed critical code execution software defects in Adobe Lightroom, Adobe Dreamweaver, Adobe Connect and Adobe InDesign and confirmed that successful exploitation could lead to arbitrary code execution and application denial-of-service attacks. The company also flagged critical-severity bugs in Adobe Substance 3D Painter, Adobe Bridge and Adobe Dimension. The Adobe patches landed on the same day Microsoft called attention to five zero-days being exploited in the wild.<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

        <\/span> 5<\/span> mins read<\/span><\/span>Lots of critical patches for Fortinet, Microsoft, Apple and Adobe, an update on the M&S cyber attack and Dior targeted… Welcome to this week’s Security News. We’ve collated the best articles from the around the internet and put them all into one place. If you have any queries or concerns about anything in this week’s […]<\/p>\n","protected":false},"author":1,"featured_media":4621,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[355],"tags":[287,285,286,289,288,284],"class_list":["post-4616","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-news","tag-cyber-attacks","tag-cyber-security","tag-news","tag-patches","tag-vulnerabilities","tag-weekly-security-news"],"yoast_head":"\nWeekly Security News - 19th May 2025 - D2NA<\/title>\n<meta name=\"description\" content=\"Critical patches for Microsoft, Fortinet, Apple and Adobe, the latest on the M&S (Marks & Spencer) cyber attack, Dior also targeted...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Weekly Security News - 19th May 2025\" \/>\n<meta property=\"og:description\" content=\"Critical patches for Microsoft, Fortinet, Apple and Adobe, the latest on the M&S (Marks & Spencer) cyber attack, Dior also targeted...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/\" \/>\n<meta property=\"og:site_name\" content=\"D2NA\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-19T07:54:59+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-05-19T08:01:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/05\/2025-05-19.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"628\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Shaun Conway\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@D2NA\" \/>\n<meta name=\"twitter:site\" content=\"@D2NA\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Shaun Conway\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/19\\\/weekly-security-news-19th-may-2025\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/19\\\/weekly-security-news-19th-may-2025\\\/\"},\"author\":{\"name\":\"Shaun Conway\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/person\\\/624fbd3965489b22f6dcfc6d7eb4fb36\"},\"headline\":\"Weekly Security News – 19th May 2025\",\"datePublished\":\"2025-05-19T07:54:59+00:00\",\"dateModified\":\"2025-05-19T08:01:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/19\\\/weekly-security-news-19th-may-2025\\\/\"},\"wordCount\":1412,\"publisher\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/19\\\/weekly-security-news-19th-may-2025\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/2025-05-19.jpeg\",\"keywords\":[\"cyber attacks\",\"cyber security\",\"news\",\"patches\",\"vulnerabilities\",\"weekly security news\"],\"articleSection\":[\"Security News\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/19\\\/weekly-security-news-19th-may-2025\\\/\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/19\\\/weekly-security-news-19th-may-2025\\\/\",\"name\":\"Weekly Security News - 19th May 2025 - D2NA\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/19\\\/weekly-security-news-19th-may-2025\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/19\\\/weekly-security-news-19th-may-2025\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/2025-05-19.jpeg\",\"datePublished\":\"2025-05-19T07:54:59+00:00\",\"dateModified\":\"2025-05-19T08:01:32+00:00\",\"description\":\"Critical patches for Microsoft, Fortinet, Apple and Adobe, the latest on the M&S (Marks & Spencer) cyber attack, Dior also targeted...\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/19\\\/weekly-security-news-19th-may-2025\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/19\\\/weekly-security-news-19th-may-2025\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/19\\\/weekly-security-news-19th-may-2025\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/2025-05-19.jpeg\",\"contentUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/2025-05-19.jpeg\",\"width\":1200,\"height\":628,\"caption\":\"2025-05-19\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/05\\\/19\\\/weekly-security-news-19th-may-2025\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.d2na.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Weekly Security News – 19th May 2025\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#website\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/\",\"name\":\"D2NA\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.d2na.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\",\"name\":\"D2 Network Associates Limited\",\"alternateName\":\"D2NA\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Header-Logo.png\",\"contentUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Header-Logo.png\",\"width\":180,\"height\":60,\"caption\":\"D2 Network Associates Limited\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/D2NA\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/d2-network-associates-ltd\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/person\\\/624fbd3965489b22f6dcfc6d7eb4fb36\",\"name\":\"Shaun Conway\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"caption\":\"Shaun Conway\"},\"sameAs\":[\"https:\\\/\\\/www.d2na.com\"],\"url\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/author\\\/shaun-conway\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Weekly Security News - 19th May 2025 - D2NA","description":"Critical patches for Microsoft, Fortinet, Apple and Adobe, the latest on the M&S (Marks & Spencer) cyber attack, Dior also targeted...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/","og_locale":"en_GB","og_type":"article","og_title":"Weekly Security News - 19th May 2025","og_description":"Critical patches for Microsoft, Fortinet, Apple and Adobe, the latest on the M&S (Marks & Spencer) cyber attack, Dior also targeted...","og_url":"https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/","og_site_name":"D2NA","article_published_time":"2025-05-19T07:54:59+00:00","article_modified_time":"2025-05-19T08:01:32+00:00","og_image":[{"width":1200,"height":628,"url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/05\/2025-05-19.jpeg","type":"image\/jpeg"}],"author":"Shaun Conway","twitter_card":"summary_large_image","twitter_creator":"@D2NA","twitter_site":"@D2NA","twitter_misc":{"Written by":"Shaun Conway","Estimated reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/#article","isPartOf":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/"},"author":{"name":"Shaun Conway","@id":"https:\/\/www.d2na.com\/#\/schema\/person\/624fbd3965489b22f6dcfc6d7eb4fb36"},"headline":"Weekly Security News – 19th May 2025","datePublished":"2025-05-19T07:54:59+00:00","dateModified":"2025-05-19T08:01:32+00:00","mainEntityOfPage":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/"},"wordCount":1412,"publisher":{"@id":"https:\/\/www.d2na.com\/#organization"},"image":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/05\/2025-05-19.jpeg","keywords":["cyber attacks","cyber security","news","patches","vulnerabilities","weekly security news"],"articleSection":["Security News"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/","url":"https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/","name":"Weekly Security News - 19th May 2025 - D2NA","isPartOf":{"@id":"https:\/\/www.d2na.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/#primaryimage"},"image":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/05\/2025-05-19.jpeg","datePublished":"2025-05-19T07:54:59+00:00","dateModified":"2025-05-19T08:01:32+00:00","description":"Critical patches for Microsoft, Fortinet, Apple and Adobe, the latest on the M&S (Marks & Spencer) cyber attack, Dior also targeted...","breadcrumb":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/#primaryimage","url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/05\/2025-05-19.jpeg","contentUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/05\/2025-05-19.jpeg","width":1200,"height":628,"caption":"2025-05-19"},{"@type":"BreadcrumbList","@id":"https:\/\/www.d2na.com\/index.php\/2025\/05\/19\/weekly-security-news-19th-may-2025\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.d2na.com\/"},{"@type":"ListItem","position":2,"name":"Weekly Security News – 19th May 2025"}]},{"@type":"WebSite","@id":"https:\/\/www.d2na.com\/#website","url":"https:\/\/www.d2na.com\/","name":"D2NA","description":"","publisher":{"@id":"https:\/\/www.d2na.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.d2na.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.d2na.com\/#organization","name":"D2 Network Associates Limited","alternateName":"D2NA","url":"https:\/\/www.d2na.com\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.d2na.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/12\/Header-Logo.png","contentUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/12\/Header-Logo.png","width":180,"height":60,"caption":"D2 Network Associates Limited"},"image":{"@id":"https:\/\/www.d2na.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/D2NA","https:\/\/www.linkedin.com\/company\/d2-network-associates-ltd\/"]},{"@type":"Person","@id":"https:\/\/www.d2na.com\/#\/schema\/person\/624fbd3965489b22f6dcfc6d7eb4fb36","name":"Shaun Conway","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","caption":"Shaun Conway"},"sameAs":["https:\/\/www.d2na.com"],"url":"https:\/\/www.d2na.com\/index.php\/author\/shaun-conway\/"}]}},"_links":{"self":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4616","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/comments?post=4616"}],"version-history":[{"count":6,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4616\/revisions"}],"predecessor-version":[{"id":4624,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4616\/revisions\/4624"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/media\/4621"}],"wp:attachment":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/media?parent=4616"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/categories?post=4616"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/tags?post=4616"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}