Dior begins sending data breach notifications to U.S. customers
The House of Dior (Dior) is sending data breach notifications to U.S. customers informing them that a May cybersecurity incident compromised
Veeam Recovery Orchestrator users locked out after MFA rollout
Veeam warned customers today that a recently released version of Recovery Orchestrator blocks Web UI logins after enabling multi-factor authentication
ExpressVPN bug leaked user IPs in Remote Desktop sessions
ExpressVPN has fixed a flaw in its Windows client that caused Remote Desktop Protocol (RDP) traffic to bypass the virtual
HPE warns of hardcoded passwords in Aruba access points
Hewlett-Packard Enterprise (HPE) is warning of hardcoded credentials in Aruba Instant On Access Points that allow attackers to bypass normal
Microsoft SharePoint zero-day exploited in RCE attacks, no patch available
Update 7/20/25: Added that there are actually two zero-days exploited and that Microsoft released a security update for SharePoint Subscription