Published: December, 26 2025
GiaSpace is aware of a security incident affecting a client environment that resulted from a critical zero-day vulnerability in third-party enterprise file sharing software. This vulnerability is part of a broader campaign that has impacted organizations across multiple sectors nationwide.
Upon identification of the incident, our team immediately conducted a forensic investigation and discovered evidence suggesting the software vendor was aware of active exploitation prior to providing adequate notification or remediation guidance to customers. We have preserved all relevant logs, communications, and evidence, and have shared our findings with the affected client’s legal counsel.
GiaSpace has proactively audited all client environments and confirmed this vulnerability was isolated to a single deployment. No other GiaSpace-managed clients were affected.
We continue to monitor threat intelligence related to this campaign and have implemented additional detection measures across all managed environments. We are also cooperating with industry security researchers who are tracking this ongoing threat. GiaSpace remains committed to transparency and will continue to advocate for accountability from software vendors whose products put our clients at risk.
Due to the criminal nature of the attack and for security reasons, GiaSpace cannot publicly share technical details of the attack, the restoration details nor customer-specific information.
Robert Giannini
CEO, GiaSpace