Hacking

SharePoint under fire: new ToolShell attacks target enterprises

While SentinelOne did not attribute the attack to a specific threat actor, The Washington Post linked it to China-nexus acors.…

12 months ago

CrushFTP zero-day actively exploited at least since July 18

Hackers exploit CrushFTP zero-day, tracked as CVE-2025-54309, to gain admin access via HTTPS when DMZ proxy is off. Threat actors…

12 months ago

U.S. CISA urges to immediately patch Microsoft SharePoint flaw adding it to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft SharePoint flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and…

12 months ago

Microsoft issues emergency patches for SharePoint zero-days exploited in “ToolShell” attacks

Microsoft patched an exploited SharePoint flaw (CVE-2025-53770) and disclosed a new one, warning of ongoing attacks on on-prem servers. Microsoft…

12 months ago

SharePoint zero-day CVE-2025-53770 actively exploited in the wild

Microsoft warns of ongoing active exploitation of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770. Microsoft warns of a SharePoint zero-day…

12 months ago

U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and…

12 months ago

Radiology Associates of Richmond data breach impacts 1.4 million people

A data breach at Radiology Associates of Richmond has exposed the personal and health information of over 1.4 million individuals.…

12 months ago

Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release

Hackers exploited a Fortinet FortiWeb flaw the same day a PoC was published, compromising dozens of systems. Hackers began exploiting…

12 months ago

Authorities released free decryptor for Phobos and 8base ransomware<gwmw style="display:none;"></gwmw>

Japanese police released a free decryptor for Phobos and 8Base ransomware, letting victims recover files without paying ransom. Japanese authorities…

12 months ago

LameHug: first AI-Powered malware linked to Russia’s APT28

LameHug malware uses AI to create data-theft commands on infected Windows systems. Ukraine links it to the Russia-nexus APT28 group.…

12 months ago

This website uses cookies.