DragonForce Ransomware Hits Harrods, Marks and Spencer, Co-Op & Other UK Retailers

May 6, 2025

DragonForce Ransomware Hits Harrods, Marks and Spencer, Co-Op & Other UK Retailers

A coordinated wave of cyberattacks has struck major UK retailers in recent weeks, with the DragonForce ransomware group claiming responsibility for breaches at Marks & Spencer, Co-op, and luxury depar …

Published Date:
May 06, 2025 (2 hours, 28 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2021-44228

Source: Read More

Previous ArticleGoogle fixes actively exploited FreeType flaw on Android

Next Article RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248)

Highlights

CVE-2025-5963 – Postbox macOS Dylib Injection Vulnerability

June 20, 2025

CVE ID : CVE-2025-5963

Published : June 20, 2025, 10:15 a.m. | 27 minutes ago

Description : The Postbox’s configuration on macOS, specifically the presence of entitlements: “com.apple.security.cs.allow-dyld-environment-variables” and “com.apple.security.cs.disable-library-validation” allows for Dynamic Library (Dylib) injection. A local attacker with unprivileged access can use environment variables like DYLD_INSERT_LIBRARIES to successfully inject code in application’s context and bypass Transparency, Consent, and Control (TCC). Acquired resource access is limited to previously granted permissions by the user. Access to other resources beyond granted-permissions requires user interaction with a system prompt asking for permission.

The original company behind Postbox is no longer operational, the software will no longer receive updates. The acquiring company (em Client) did not cooperate in vulnerability disclosure.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Wayback entra a far parte dell’ecosistema FreeDesktop.org

July 11, 2025

CVE-2025-53475 – Advantech iView SQL Injection and Remote Code Execution Vulnerability

July 10, 2025

Steam Deck OLED falls out of stock in US & Canada due to “supply chain constraints” presumably triggered by tariffs — but the price won’t increase

June 12, 2025

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

DragonForce Ransomware Hits Harrods, Marks and Spencer, Co-Op & Other UK Retailers

DragonForce Ransomware Hits Harrods, Marks and Spencer, Co-Op & Other UK Retailers

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

CVE-2025-48279 – WC MyParcel Belgium Cross-site Scripting (XSS)

CVE-2025-30102 – Dell PowerScale OneFS Out-of-Bounds Write Vulnerability

CVE-2025-4672 – Offsprout Page Builder WordPress Privilege Escalation Vulnerability

CVE-2025-6093 – “uYanki Board-STM32F103RC-Buffer Overflow Vulnerability”

CVE-2025-5963 – Postbox macOS Dylib Injection Vulnerability

Wayback entra a far parte dell’ecosistema FreeDesktop.org

CVE-2025-53475 – Advantech iView SQL Injection and Remote Code Execution Vulnerability

Steam Deck OLED falls out of stock in US & Canada due to “supply chain constraints” presumably triggered by tariffs — but the price won’t increase

DragonForce Ransomware Hits Harrods, Marks and Spencer, Co-Op & Other UK Retailers

DragonForce Ransomware Hits Harrods, Marks and Spencer, Co-Op & Other UK Retailers

Related Posts