Dark Reading

CISA Warns of Attacks Targeting Commvault SaaS Environment

A threat actor is targeting authentication credentials stored in Commvault's cloud-based backup and recovery platform and using them to gain unauthorized access to customers' Microsoft 365 accounts.
CSOonline

CISA flags Commvault zero-day as part of wider SaaS attack campaign

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned about threat actors abusing Commvault’s SaaS cloud application, Metallic, to access its clients’ critical application secrets.
ZDNet

'Never has data been more valuable nor more vulnerable,’ says CommVault CEO Mirchandani

Someone has got to put things back together again. That might be a broad description of the quest in a cloud age of 25-year-old CommVault Systems, a company that had its heyday long before cloud ...
Dark Reading

Commvault: Vulnerability Patch Works as Intended

Commvault has disputed a security researcher's claims that an exploit for a recently disclosed maximum severity vulnerability, tracked as CVE-2025-34028, in its Command Center Web-based management ...
CRN

Commvault Takes Data Resiliency Head-On With New Commvault Cloud Unity Platform

‘We called it Unity because it unifies resilience across security, identity, and recovery. It unifies resilience across all workloads, from today’s production workloads to tomorrow’s emerging AI ...