UK telecoms company Colt suffered a cyberattack by the Warlock ransomware gang. The attack began on Tuesday, 12th August, around 11 am BST and was initially reported as a technical issue. By Thursday, 14th August, Colt announced they were addressing a cyber incident affecting Colt Technology Services, including hosting, porting services, Colt Online, and Voice API platforms.
“We detected the cyber incident on an internal system. This system is separate from our customers’ infrastructure. We took immediate protective measures to ensure the security of our customers, colleagues, and business, and we proactively notified the relevant authorities,” Colt status updates say.
As a result of the attack, Colt took some of its systems offline, which affected Colt Online and the Voice API platform.
“One of our protective measures involved us proactively taking some systems offline, which has led to the disruption of some of the support services we provide to our customers. Our technical team is focused on restoring the affected systems and is working closely with third-party cyber experts.”
A threat actor using the alias ‘cnkjasdfgd’, who claims to be a member of the Warlock ransomware gang, took credit for the attack and offered to sell a batch of one million documents allegedly stolen from Colt for $200,000.
Several data samples have also been published to prove the validity of the files. According to the threat actor, the stolen files include financial, employee, customer, and executive data, internal emails, and software development information.
The telecommunications company hasn’t revealed the breach’s cause, but security researcher Kevin Beaumont suggests that the hacker likely exploited a remote code execution vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, to gain initial access.
Colt, founded in 1992 as City of London Telecommunications and acquired by Fidelity Investments in 2015, is a leading telecommunications provider in 30 countries in Europe, Asia, and North America. It operates 75,000 km of fiber networks that connect 900 data centers.