A zero-day vulnerability in the Zimbra Collaboration Suite (ZCS), identified as CVE-2025-27915, has been exploited in targeted attacks using weaponized iCalendar files. This stored cross-site scripting (XSS) flaw allows attackers to steal sensitive data from victims' email accounts.

A recent government survey reveals that six out of ten UK secondary schools have experienced a cyber-attack or breach in the past year, with further education colleges and universities facing even higher rates. Analysts attribute the vulnerability of state schools to funding pressures and a lack of specialist cybersecurity expertise.

Joe Tidy, a BBC cybersecurity journalist, was approached by the Medusa ransomware gang, who offered him a cut of ransom payments in exchange for insider access to the BBC's systems. This incident highlights the growing trend of bribery-based attacks targeting employees within organizations.