The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and Multi-State Information Sharing and Analysis Center (MS-ISAC), has issued a joint Cybersecurity Advisory (CSA) due to the active exploitation of CVE-2023-22515. This vulnerability affects certain Atlassian Confluence Data Center and Server versions, allowing malicious actors to create unauthorized administrator accounts. It’s rated critical by Atlassian, and CISA, FBI, and MS-ISAC expect widespread, ongoing exploitation. They recommend immediate software updates and network monitoring for potential compromises, with incident response measures if necessary.
Marks and Spencer issue update after 'cyber incident' – Liverpool Echo
Marks and Spencer provided an update following a cyber incident. They assured customers that payment card details were not compromised, but personal information may have
