Close Menu
    DevStackTipsDevStackTips
    • Home
    • News & Updates
      1. Tech & Work
      2. View All

      In-House vs. Outsource Node.js Development Teams: 9 Key Differences for the C-Suite (2025)

      July 19, 2025

      Why Non-Native Content Designers Improve Global UX

      July 18, 2025

      DevOps won’t scale without platform engineering and here’s why your teams are still stuck

      July 18, 2025

      This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

      July 18, 2025

      DistroWatch Weekly, Issue 1131

      July 20, 2025

      I ditched my Bluetooth speakers for this slick turntable – and it’s more practical than I thought

      July 19, 2025

      This split keyboard offers deep customization – if you’re willing to go all in

      July 19, 2025

      I spoke with an AI version of myself, thanks to Hume’s free tool – how to try it

      July 19, 2025
    • Development
      1. Algorithms & Data Structures
      2. Artificial Intelligence
      3. Back-End Development
      4. Databases
      5. Front-End Development
      6. Libraries & Frameworks
      7. Machine Learning
      8. Security
      9. Software Engineering
      10. Tools & IDEs
      11. Web Design
      12. Web Development
      13. Web Security
      14. Programming Languages
        • PHP
        • JavaScript
      Featured

      The details of TC39’s last meeting

      July 20, 2025
      Recent

      The details of TC39’s last meeting

      July 20, 2025

      Simple wrapper for Chrome’s built-in local LLM (Gemini Nano)

      July 19, 2025

      Online Examination System using PHP and MySQL

      July 18, 2025
    • Operating Systems
      1. Windows
      2. Linux
      3. macOS
      Featured

      Windows 11 tests “shared audio” to play music via multiple devices, new taskbar animations

      July 20, 2025
      Recent

      Windows 11 tests “shared audio” to play music via multiple devices, new taskbar animations

      July 20, 2025

      WhatsApp for Windows 11 is switching back to Chromium web wrapper from UWP/native

      July 20, 2025

      DistroWatch Weekly, Issue 1131

      July 20, 2025
    • Learning Resources
      • Books
      • Cheatsheets
      • Tutorials & Guides
    Home»Development»Victoria’s Secret Website Down After Security Incident

    Victoria’s Secret Website Down After Security Incident

    May 29, 2025

    Victoria's Secret website down

    The U.S. website of Victoria’s Secret is down after an unspecified security incident, the latest in a series of cyber incidents hitting retailers.

    A status message on the Victoria’s Secret website says the company “identified and are taking steps to address a security incident. We have taken down our website and some in store services as a precaution. Our team is working around the clock to fully restore operations.”

    Victoria’s Secret and PINK stores remain open, the status message reads.

    It is not clear what type of security incident was involved or whether customer data was affected. In a statement to The Cyber Express, a Victoria’s Secret spokesperson said the company “immediately enacted our response protocols” and engaged “third-party experts” for assistance.

    “We are working to quickly and securely restore operations,” the spokesperson added.

    Victoria’s Secret Latest Retail Cyber Incident

    The Victoria’s Secret website incident is the latest in a string of cyber incidents hitting retailers in recent weeks.

    The cyber spree targeting retailers began in late April, when three UK retailers were hit in a matter of days. Those attacks have been attributed to the Scattered Spider threat group and reportedly involved the deployment of DragonForce ransomware.

    Other recent cybersecurity incidents have affected Dior and Adidas, and Google warned in mid-May that Scattered Spider was apparently targeting U.S. retailers.

    Victoria’s Secret, which has generated more than $6 billion in sales in the last year, saw its shares (NYSE:VSCO) fall more than 10% since news of the security incident broke on Wednesday. Bloomberg reported that an internal company communication said recovery from the security incident could take “awhile.”

    Defending Against Scattered Spider

    After the UK retail incidents, the UK’s National Cyber Security Centre issued guidance for retailers to protect their operations from cyberattacks. Those steps include:

    • Using multi-factor authentication
    • Monitoring for signs of account misuse, such as “risky logins” within Microsoft Entra ID Protection
    • Monitoring Domain Admin, Enterprise Admin, and Cloud Admin accounts and making sure that any access is legitimate
    • Review helpdesk password reset processes, including procedures for authenticating staff credentials before resetting passwords
    • Making sure that security operation centers can identify suspicious logins, such as from VPN services in residential ranges
    • Following tactics, techniques, and procedures sourced from threat intelligence “whilst being able to respond accordingly.”

    Google has also issued recent guidance for defending against Scattered Spider attacks.

    Source: Read More

    Facebook Twitter Reddit Email Copy Link
    Previous ArticleEcosystem Partnerships: Driving Mainframe Innovation and Future-Ready Solutions
    Next Article Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools

    Related Posts

    Artificial Intelligence

    Scaling Up Reinforcement Learning for Traffic Smoothing: A 100-AV Highway Deployment

    July 20, 2025
    Repurposing Protein Folding Models for Generation with Latent Diffusion
    Artificial Intelligence

    Repurposing Protein Folding Models for Generation with Latent Diffusion

    July 20, 2025
    Leave A Reply Cancel Reply

    For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

    Continue Reading

    ReTool: A Tool-Augmented Reinforcement Learning Framework for Optimizing LLM Reasoning with Computational Tools

    ReTool: A Tool-Augmented Reinforcement Learning Framework for Optimizing LLM Reasoning with Computational Tools

    Machine Learning

    Perficient Included in Forrester’s AI Technical Services Landscape, Q2 2025

    Development

    Cost Effective Reseller Platforms for Buying SSL Certificates

    Development

    CVE-2025-48112 – Karimmughal Cross-site Scripting (XSS) Vulnerability

    Common Vulnerabilities and Exposures (CVEs)

    Highlights

    CVE-2025-49126 – Visionatrix ComfyUI Reflected Cross-Site Scripting Vulnerability

    June 23, 2025

    CVE ID : CVE-2025-49126

    Published : June 23, 2025, 6:15 p.m. | 4 hours, 29 minutes ago

    Description : Visionatrix is an AI Media processing tool using ComfyUI. In versions 1.5.0 to before 2.5.1, the /docs/flows endpoint is vulnerable to a Reflected XSS (Cross-Site Scripting) attack allowing full takeover of the application and exfiltration of secrets stored in the application. The implementation uses the get_swagger_ui_html function from FastAPI. This function does not encode or sanitize its arguments before using them to generate the HTML for the swagger documentation page and is not intended to be used with user-controlled arguments. Any user of this application can be targeted with a one-click attack that can takeover their session and all the secrets that may be contained within it. This issue has been patched in version 2.5.1.

    Severity: 8.8 | HIGH

    Visit the link for more details, such as CVSS details, affected products, timeline, and more…

    In an embarrassment for Microsoft, SteamOS seems to destroy Windows 11 on gaming performance and battery life, as well as usability

    May 26, 2025

    The easiest way to try out Ubuntu Linux

    April 9, 2025

    This free Windows tool recreates Circle to Search on Windows and Linux

    June 20, 2025
    © DevStackTips 2025. All rights reserved.
    • Contact
    • Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.