May 23, 2025Ravie LakshmananCloud Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday revealed that Commvault is monitoring cyber threat activity targeting applications hosted in their Microsoft Azure cloud environment. "Threat actors may have accessed client secrets for Commvault's (Metallic) Microsoft 365 (M365) backup software-as-a-service (SaaS) solution, hosted in Azure," the agency said. "This provided the threat actors with unauthorized access to Commvault's customers' M365 environments that have application secrets stored by Commvault." CISA further noted that the activity may be part of a broader campaign targeting various software-as-a-service (SaaS) providers' cloud infrastructures with default configurations and elevated permissions. The advisory comes weeks after Commvault revealed that Microsoft notified the company in February 2025 of unauthorized activity by a nation-state threat actor within its Azure environment. The incident led to the discovery that the threat actors had been exploiting a zero-day vulnerability (CVE-2025-3928), an unspecified flaw in the Commvault Web Server that enables a remote, authenticated attacker to create and execute web shells. "Based on industry experts, this threat actor uses sophisticated techniques to try to gain access to customer M365 environments," Commvault said in an announcement. "This threat actor may have accessed a subset of app credentials that certain Commvault customers use to authenticate their M365 environments." Commvault said it has taken several remedial actions, including rotating app credentials for M365, but emphasized that there has been no unauthorized access to customer backup data. To mitigate such threats, CISA is recommending that users and administrators follow the below guidelines - Monitor Entra audit logs for unauthorized modifications or additions of credentials to service principals initiated by Commvault applications/service principals Review Microsoft logs (Entra audit, Entra sign-in, unified audit logs) and conduct internal threat hunting For single tenant apps, implement a conditional access policy that limits authentication of an application service principal to an approved IP address that is listed within Commvault's allowlisted range of IP addresses Review the list of Application Registrations and Service Principals in Entra with administrative consent for higher privileges than the business need Restrict access to Commvault management interfaces to trusted networks and administrative systems Detect and block path-traversal attempts and suspicious file uploads by deploying a Web Application Firewall and removing external access to Commvault applications CISA, which added CVE-2025-3928 to its Known Exploited Vulnerabilities Catalog in late April 2025, said it's continuing to investigate the malicious activity in collaboration with partner organizations. Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post. SHARE    

OpenAI just made its biggest move yet — buying Jony Ive's AI startup — with hopes of building something that feels as magical as the first iPhone.Image Credit: OpenAIInitially, it was reported that OpenAI would buy Jony Ive's AI startup, simply named "io", for $500 million. To say that the actual sale cost was a bit higher would be an understatement.The final sale price wound up being nearly $6.5 billion — in stock. Continue Reading on AppleInsider | Discuss on our Forums

The Pokémon TCG market is moving, and not quietly. With Black Bolt and White Flare coming in hot, many Black and White-era cards are suddenly on every collector’s radar again. We're seeing massive jumps on cards that have sat stable for years, all because Gen V is back in style. If you're looking to trade, cash in, or just gawk at how weird card prices can get, I’ve got you covered.Here are five cards that are flying and five that are faceplanting. Some of these are smart buys. Others? Let’s say I wouldn’t want to be the one who paid full price three weeks ago.Pokémon Card CrashersImage Credit: IGN Photo Composite / The Pokémon CompanyLeafeon ex from Prismatic Evolutions dropped 21% since mid-April, from $467.85 to $369.96. Still expensive, sure, but that's a big chunk of change to evaporate in just a few weeks. If you bought high, I’m sorry. If not, maybe give it a few more dips before you pounce.And then there’s Eevee ex, also from Prismatic. Down 28%, now sitting at $172 after peaking above $240. Honestly, I think Eeveelution fatigue is real. There are just so many of them floating around that even good cards are struggling to keep their value.Salamence ex - 187/159Leafeon ex - 144/131Iron Crown ex - 158/131Lillie's Clefairy ex - 184/159Eevee ex - 167/131Lillie’s Clefairy ex from Journey Together has slid 26% this month, from $212 to $158. I still like this card a lot, but the dip is noticeable. Early adopters probably paid more than they should have, and now the market's correcting like it just remembered what money is.Salamence ex is rough. It's down a staggering 63% since late March, from $242 to $90.50. That’s not a correction, that’s a full-on crash landing. I wouldn’t be shocked if it dips further. Might be worth watching, but I wouldn’t touch it yet unless you’re in it for the art.Lastly, we’ve got Iron Crown ex from Prismatic, down 19% just this month. It was sitting around $84 and is now at $67.75. That’s not terrible, but it’s still part of a clear trend. The set had a big debut and now the shine is fading fast.Did you catch last week's crashers and climbers? Read the most recent updates from our weekly column.Pokémon Card ClimbersImage Credit: IGN Photo Composite / The Pokémon CompanyI’ll start with Reshiram from Black & White, which has absolutely rocketed. It was sitting at a modest $33.92 in mid-March, and now you’re lucky to find one under $240. That’s a 150% leap for a card that’s over a decade old. I’ve seen faster elevators, but not many. With all 156 Unova Pokémon getting fresh prints soon, I think Reshiram’s still got room to climb.Then there’s Zekrom EX from Next Destinies, which has gone from $34.63 to nearly $392 since March. It’s another reminder that Full Art cards from the EX era aren’t just collectible, they’re volatile. In a good way, if you got in early. I’d still grab this if it fits your binder, because it's only going to get more attention once White Flare drops.Zekrom EX - 97/99Reshiram - 113/114Dialga GX - 125/131Sprigatito - 196/193Vileplume GX - 4/236$10.03 at TCG PlayerI’m also watching Sprigatito from Paldea Evolved. The IR version has quietly crept up from $17.98 in January to $21.95 today. It’s not a moonshot, but compared to the general slump of modern IRs, it’s doing surprisingly well. Plus, it’s a smug little cat and people love smug cats.Now for Dialga-GX from Forbidden Light. This one was hanging out around $14 just two months ago, and it’s shot up to $74.99. I wouldn’t call it graceful, but it’s definitely gaining traction. GX-era cards are getting more attention lately, and Dialga's age plus playable nostalgia make it a solid hold in my opinion.Don’t laugh, but Vileplume-GX from Cosmic Eclipse is up too. It was stuck at $6.83 for what felt like forever, and now it’s over $10. It’s not exactly a gold rush, but it’s one of those oddball rares that sneaks up when no one’s looking. You’ll thank yourself later if you pull it out of a bulk box and it suddenly pays for lunch.Pokémon Card Sealed Boosters151 Booster PackDropped by 8% since beginning of MayUnless you're dead set on grabbing the promo cards and poster in the 151 poster bundle, grabbing booster packs from TCG Player is where it's at (Or just the poster and promos seperately). Currently sitting at $10.33 a pack, it's obvious that Amazon is now going above MSRP and secondary market value. If you're not bothered about opening packs and just want 151 chase cards, here's some of my favorites as well.Charmeleon - 169/165Bulbasaur - 166/165Alakazam ex - 201/165Squirtle - 170/165Charizard ex - 183/165Charmander - 168/165Zapdos ex - 202/165Venusaur ex - 198/165Blastoise ex - 200/165Charizard ex - 199/165If you've dedicated your life to pulling chase cards yourself, here's what we can find in stock right now. Just watch out for pricing over MSRP, we're in a weird spot as Pokémon trainers right now, so don't pay more than what you have to. If you're desperate for some big box retailer products, here you go. Just make sure to be savvy before buying, as 9 times out of 10 TCG Player will be cheaper in this climate.151 Poster Collection$40.97 at AmazonPokémon Trading Card Game Classic$290.67 at AmazonTerapagos ex UPC$219.99 at AmazonPrismatic Evolutions Booster Bundle$84.48 at AmazonPrismatic Evolutions Surprise BoxHoliday 2024 Calendar$54.27 at AmazonMimikyu ex Box$49.99 at AmazonAzure Legends Tin$39.77 at Amazon2024 Trainer’s Toolkit$33.50 at AmazonShrouded Fable Mini Tin$16.00 at AmazonHere's the Pokémon TCG full Release Schedule so far for this year, too, so you don't miss anything. Buying singles is the cheapest way to collect right now, but don't feel like you have to "Catch Em' All!".Destined Rivals Sealed Product Preorder UpdatesWith Destined Rivals dropping May 30 and preorders currently sold out everywhere, it's a good time to keep on top of the secondary market to find the best prices. Best Buy will restock on May 23 via a special "Best Buy Drops" preorder event on its app, just like the recent Black Bolt and White Flare expansions preorders. Destined RivalsBooster BundleSee it at TCG PlayerDestined RivalsBooster BoxSee it at TCG PlayerDestined RivalsElite Trainer BoxSee it at TCG PlayerDestined RivalsPokemon Center Elite Trainer Box (Exclusive)See it at TCG PlayerDestined RivalsHalf Booster BoxSee it at TCG PlayerDestined RivalsBooster PackSee it at TCG PlayerDestined RivalsSleeved Booster PackSee it at TCG PlayerDestined Rivals3 Pack Blister [Zebstrika]See it at TCG PlayerDestined Rivals3 Pack Blister [Kangaskhan]See it at TCG PlayerDestined RivalsBuild & Battle BoxSee it at TCG PlayerBest Buy has also confirmed it will have Booster Box stock online on May 30, alongside ETBs, Booster Packs, and more in store for launch.You could also just wait a few months for more solid stock, but like I said in my preview, this set is one of my favorites in the Scarlet and Violet era, and well worth picking up ASAP.Christian Wait is a contributing freelancer for IGN covering everything collectable and deals. Christian has over 7 years of experience in the Gaming and Tech industry with bylines at Mashable and Pocket-Tactics. Christian also makes hand-painted collectibles for Saber Miniatures. Christian is also the author of "Pokemon Ultimate Unofficial Gaming Guide by GamesWarrior". Find Christian on X @ChrisReggieWait.