
Cyber Security
Cyber Attacks Hit KNP, Microsoft, And Ring In Ongoing Security Crisis
Updated on Tue, Jul 22, 2025
From a 158-year-old company collapsing to ransomware to Microsoft battling fresh SharePoint exploits and Ring users fearing account breaches, here's a roundup of the latest lapses and risks in the cybersecurity landscape.
Read on!
Weak Password Leads To Collapse Of 158-Year-Old UK Company
KNP, a 158-year-old transport company in Northamptonshire, collapsed after a ransomware attack, believed to have originated from a single weak password, left 700 people jobless.
This incident highlights the widespread cybercrime crisis in the UK, affecting major brands such as M&S, Co-op (which saw 6.5 million members' data stolen), and Harrods.
Hackers reportedly gained access to KNP's systems by guessing an employee's password, then its encrypted data, and locked systems. KNP’s director, Paul Abbott, has not informed the employee, asking, "Would you want to know if it was you?"
Richard Horne, CEO of the National Cyber Security Centre (NCSC), stressed the need for stronger corporate defenses, stating, "We need organizations to take steps to secure their systems, to secure their businesses."
He acknowledges a "wave of criminal cyber-attacks" but denies criminals are winning. The typical UK ransom demand is £4 million, with a third of companies paying the ransom.
The National Crime Agency (NCA) is working to catch these offenders, as Suzanne Grimmer, an NCA team head, notes that hacking is rising due to its lucrative nature, and businesses must enhance their cyber resilience.
As legacy firms fall to simple security oversights, critical technology infrastructures are no safer. Now, Microsoft is sounding the alarm over fresh server-side attacks.
Microsoft Warns Of Active Attacks On SharePoint Servers
Recent developments have seen Microsoft issuing an urgent warning about active cyberattacks targeting critical vulnerabilities in its on-premises SharePoint server software.
These ongoing exploits target two newly identified flaws affecting Microsoft SharePoint Servers: CVE-2025-53770 and CVE-2025-53771. Eye Security first reported in-the-wild exploitation of CVE-2025-53770 on July 18, with Trend™ Research independently confirming these findings.
These latest flaws build on previously patched vulnerabilities, CVE-2025-49706 and CVE-2025-49704, which were disclosed during Pwn2Own Berlin 2025. Subsequent analysis revealed the initial patches were incomplete, requiring the urgent release of the new CVEs.
Microsoft acknowledged these issues on July 19, providing patches for SharePoint Subscription Edition and 2019, with a patch for SharePoint 2016 forthcoming. Attackers are exploiting CVE-2025-53770 by targeting the /layouts/15/ToolPane.aspx endpoint with a crafted HTTP request and a unique Referer header /_layouts/SignOut.aspx to bypass authentication.
This allows them to upload a malicious .aspx file, spinstall0.aspx, which extracts cryptographic secrets and enables unauthenticated Remote Code Execution (RCE) attacks.
Exploitation attempts have been observed across Asia, Europe, and the United States, affecting diverse sectors including finance, education, energy, and healthcare.
With even patched systems proving vulnerable, consumer-facing platforms aren't immune either. This rings true especially for Ring users who are questioning the security of their own homes.
Ring Blames Bug For Suspicious Logins, Users Suspect Breach
Ring, the Amazon-owned smart home security company, is facing intense scrutiny after a wave of customer reports on May 28th detailed suspicious logins to their accounts. While Ring attributes these anomalies to a "backend update bug" that allegedly displayed prior login dates by accident, many users remain unconvinced.
Customers have cited unrecognized devices, unfamiliar IP addresses, and logins from foreign countries, directly contradicting Ring's explanation of "previous logins."
One user on X exclaimed, "Absolute bollocks with your 'bug' I don't even know Derbhille or is she anyway associated with our ring camera or family? Just admit you've been hacked and yous are gonna amend this."
The persistent nature of these reports, even days after the alleged backend fix, combined with some users reporting live view activity during periods of no household access and a lack of security alerts, fuels suspicions of a more significant breach.
While Ring maintains there's "no reason to believe this is the result of unauthorized access," affected users are advised to immediately review their "Authorized Client Devices" in the Ring app, remove any unrecognized entries, change their account passwords, and enable two-factor authentication.
Do you think patched systems will ever be safe from evolving threats? Should businesses alert customers as soon as they suspect a possible threat?
Let us know your thoughts in the comments section below!
First published on Tue, Jul 22, 2025
Enjoyed what you read? Great news – there’s a lot more to explore!
Dive into our content repository of the latest tech news, a diverse range of articles spanning introductory guides, product reviews, trends and more, along with engaging interviews, up-to-date AI blogs and hilarious tech memes!
Also explore our collection of branded insights via informative white papers, enlightening case studies, in-depth reports, educational videos and exciting events and webinars from leading global brands.
Head to the TechDogs homepage to Know Your World of technology today!
Disclaimer - Reference to any specific product, software or entity does not constitute an endorsement or recommendation by TechDogs nor should any data or content published be relied upon. The views expressed by TechDogs' members and guests are their own and their appearance on our site does not imply an endorsement of them or any entity they represent. Views and opinions expressed by TechDogs' Authors are those of the Authors and do not necessarily reflect the view of TechDogs or any of its officials. While we aim to provide valuable and helpful information, some content on TechDogs' site may not have been thoroughly reviewed for every detail or aspect. We encourage users to verify any information independently where necessary.
Loading comments...
