NetXL


Protecting Customers: Lessons from the iiNet Data Breach

On August 16, 2025, iiNet, a leading Australian internet service provider and part of TPG Telecom, confirmed a cybersecurity breach involving its order management system. The intrusion occurred after an attacker gained access using stolen employee credentials.

What Data Was Affected?

  • Approximately 280,000 active email addresses
  • Around 20,000 active landline phone numbers
  • Roughly 10,000 usernames, street addresses, and phone numbers
  • About 1,700 modem setup passwords
  • Some historical (inactive) customer data was also exposed

Importantly, no financial details, customer identity documents (like passports or driver’s licenses), or credit card information were compromised.


Microsoft Restricts Access Amid Suspected Insider Leak in Cybersecurity Warning Program

In mid-August 2025, Microsoft announced a significant shift in its Active Protections Program (MAPP), restricting access to its early cybersecurity warning system for certain participants—a direct response to suspicions that one or more partners leaked sensitive information tied to newly disclosed SharePoint vulnerabilities.

MAPP has long served as a vital channel for sharing vulnerability data—like “proof of concept” code—with trusted security vendors before public disclosure, enabling rapid defense development. However, a surge in hacking attempts shortly after Microsoft unveiled SharePoint security flaws in late June and early July raised alarms that some of the very organizations benefiting from early access may be acting with ill intent.


Colt Technology Services Cyber Incident: Support Systems Taken Offline Amid Ransomware Threat

On August 12, 2025, Colt Technology Services, a major UK-based telecommunications provider, discovered a cyberattack targeting one of its internal systems. Importantly, this system is isolated from its core customer infrastructure. This breach has been linked to the Warlock ransomware group, prompting immediate action to safeguard customers and internal operations.

What Was Compromised

Security researcher Kevin Beaumont revealed that attackers exploited a known SharePoint vulnerability (CVE-2025-53770), enabling remote code execution and the theft of cryptographic keys from unpatched systems. The Warlock group reportedly exfiltrated “several hundred gigabytes” of internal data. Stolen materials—including employee salary data, financial documents, customer contracts, network architecture, and software development insights—have been listed for sale on a Russian Tor forum, with up to one million documents allegedly offered.
