Hacking Archives - Page 8 of 964

Pierluigi Paganini July 22, 2025

Cisco confirms active exploitation of ISE and ISE-PIC flaws

Cisco warns of active exploits targeting Identity Services Engine (ISE) and ISE-PIC flaws, first observed in July 2025. Cisco confirmed attempted exploitation in the wild of recently disclosed ISE and ISE-PIC flaws (CVE-2025-20281, CVE-2025-20282, CVE-2025-20337), updating its advisory after detecting attacks in July 2025. “Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE […]

Pierluigi Paganini July 22, 2025

SharePoint under fire: new ToolShell attacks target enterprises

While SentinelOne did not attribute the attack to a specific threat actor, The Washington Post linked it to China-nexus acors. On July 19, Microsoft confirmed active exploitation of a zero-day vulnerability, tracked as CVE-2025-53770 in on-prem SharePoint Servers. The IT giant issued emergency patches for SharePoint Subscription Edition and 2019, with 2016 updates pending. Microsoft […]

Pierluigi Paganini July 22, 2025

CrushFTP zero-day actively exploited at least since July 18

Hackers exploit CrushFTP zero-day, tracked as CVE-2025-54309, to gain admin access via HTTPS when DMZ proxy is off. Threat actors are exploiting a zero-day vulnerability, tracked as CVE-2025-54309 (CVSS score of 9.0), in the managed file transfer software CrushFTP to gain administrative privileges on vulnerable servers via HTTPS. CrushFTP warned of a zero-day that has […]

Pierluigi Paganini July 21, 2025

U.S. CISA urges to immediately patch Microsoft SharePoint flaw adding it to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft SharePoint flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft SharePoint flaw, tracked as CVE-2025-53770 (“ToolShell”) (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Microsoft released emergency SharePoint updates for two zero-day flaws, tracked as CVE-2025-53770 and CVE-2025-53771, […]

Pierluigi Paganini July 21, 2025

Microsoft issues emergency patches for SharePoint zero-days exploited in “ToolShell” attacks

Microsoft patched an exploited SharePoint flaw (CVE-2025-53770) and disclosed a new one, warning of ongoing attacks on on-prem servers. Microsoft released emergency SharePoint updates for two zero-day flaws, tracked as CVE-2025-53770 and CVE-2025-53771, exploited since July 18 in attacks dubbed “ToolShell.” Both vulnerabilities only impact on-premises SharePoint Servers, threat actors could chain them for unauthenticated, […]

Pierluigi Paganini July 21, 2025

SharePoint zero-day CVE-2025-53770 actively exploited in the wild

Microsoft warns of ongoing active exploitation of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770. Microsoft warns of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770 (CVSS score of 9.8), which is under active exploitation. Unfortunately, the flaw has yet to be addressed. The vulnerability is a deserialization of untrusted data in on-premises Microsoft SharePoint Server, an […]

Pierluigi Paganini July 20, 2025

U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Fortinet FortiWeb flaw, tracked as CVE-2025-25257, to its Known Exploited Vulnerabilities (KEV) catalog. Hackers began exploiting the critical Fortinet FortiWeb flaw CVE-2025-25257 (CVSS score of 9.6) on the same day a proof-of-concept (PoC) exploit […]

Pierluigi Paganini July 20, 2025

Radiology Associates of Richmond data breach impacts 1.4 million people

A data breach at Radiology Associates of Richmond has exposed the personal and health information of over 1.4 million individuals. Radiology Associates of Richmond has disclosed a data breach that impacted personal and health information of over 1.4 million individuals. Radiology Associates of Richmond (RAR) is a private radiology practice founded in 1905 and based […]

Pierluigi Paganini July 19, 2025

Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release

Hackers exploited a Fortinet FortiWeb flaw the same day a PoC was published, compromising dozens of systems. Hackers began exploiting a critical Fortinet FortiWeb flaw, tracked as CVE-2025-25257 (CVSS score of 9.6), on the same day a proof-of-concept (PoC) exploit was published, leading to dozens of compromised systems. Exploitation of Fortinet’s CVE-2025-25257 began on July […]

Pierluigi Paganini July 18, 2025

Authorities released free decryptor for Phobos and 8base ransomware

Japanese police released a free decryptor for Phobos and 8Base ransomware, letting victims recover files without paying ransom. Japanese authorities released a free decryptor for Phobos and 8Base ransomware, allowing victims to recover files without paying. Japanese police released the free decryptor for ransomware families, which was likely built using intel from a recent gang […]

Hacking

Cisco confirms active exploitation of ISE and ISE-PIC flaws

SharePoint under fire: new ToolShell attacks target enterprises

CrushFTP zero-day actively exploited at least since July 18

U.S. CISA urges to immediately patch Microsoft SharePoint flaw adding it to its Known Exploited Vulnerabilities catalog

Microsoft issues emergency patches for SharePoint zero-days exploited in “ToolShell” attacks

SharePoint zero-day CVE-2025-53770 actively exploited in the wild

U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

Radiology Associates of Richmond data breach impacts 1.4 million people

Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release

Authorities released free decryptor for Phobos and 8base ransomware

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Healthcare Services Group discloses 2024 data breach that impacted 624,496 people

ESET warns of PromptLock, the first AI-driven ransomware

China linked Silk Typhoon targeted diplomats by hijacking web traffic

Farmers Insurance discloses a data breach impacting 1.1M customers

Citrix fixed three NetScaler flaws, one of them actively exploited in the wild

QUICK LINKS

Hacking

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!