CISA flags Commvault zero-day as part of wider SaaS attack campaign | CSO Online

Threat actors exploited a zero-day vulnerability in Commvault’s Metallic SaaS application to access client secrets and gain unauthorized access to M365 environments. CISA warns this is part of a larger campaign targeting SaaS applications with default settings and high-level permissions. Commvault promptly patched the flaw and recommends organizations apply patches and implement additional mitigations.
