Pierluigi Paganini
July 23, 2025
Microsoft linked SharePoint exploits to China-nexus groups Linen Typhoon, Violet Typhoon, and Storm-2603, active since July 7, 2025. Microsoft confirmed that China-linked groups Linen Typhoon, Violet Typhoon, and Storm-2603 exploited SharePoint flaws for initial access as early as July 7, 2025. “As of this writing, Microsoft has observed two named Chinese nation-state actors, Linen Typhoon […]
Pierluigi Paganini
July 22, 2025
While SentinelOne did not attribute the attack to a specific threat actor, The Washington Post linked it to China-nexus acors. On July 19, Microsoft confirmed active exploitation of a zero-day vulnerability, tracked as CVE-2025-53770 in on-prem SharePoint Servers. The IT giant issued emergency patches for SharePoint Subscription Edition and 2019, with 2016 updates pending. Microsoft […]
Pierluigi Paganini
July 21, 2025
Microsoft patched an exploited SharePoint flaw (CVE-2025-53770) and disclosed a new one, warning of ongoing attacks on on-prem servers. Microsoft released emergency SharePoint updates for two zero-day flaws, tracked as CVE-2025-53770 and CVE-2025-53771, exploited since July 18 in attacks dubbed “ToolShell.” Both vulnerabilities only impact on-premises SharePoint Servers, threat actors could chain them for unauthenticated, […]
Pierluigi Paganini
July 21, 2025
Microsoft warns of ongoing active exploitation of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770. Microsoft warns of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770 (CVSS score of 9.8), which is under active exploitation. Unfortunately, the flaw has yet to be addressed. The vulnerability is a deserialization of untrusted data in on-premises Microsoft SharePoint Server, an […]
Pierluigi Paganini
July 23, 2020
Expert release a PoC exploit code for a recently addressed critical flaw in Microsoft SharePoint, .NET Framework, and Visual Studio. CVE-2020-1147 is a critical vulnerability in .NET Framework, SharePoint, and Visual Studio that was recently addressed by Microsoft with the release of the July 2020 Patch Tuesday security updates. The flaw is caused by the lack […]
Pierluigi Paganini
February 18, 2020
A security expert found a flaw in SharePoint that could be exploited to remotely execute arbitrary code by sending a specially crafted SharePoint application package. Summary:A few days ago I saw a post from Alienvault which says attackers are still exploiting SharePoint vulnerability to attack Middle East government organization. Having said that I found Income Tax Department […]
Pierluigi Paganini
December 19, 2019
Microsoft issues an out-of-band update to address SharePoint flaw, tracked as CVE-2019-1491, that could be exploited to obtain sensitive information. Microsoft issues an out-of-band update to fix an information disclosure vulnerability in SharePoint server, tracked as CVE-2019-1491, that could be exploited by an attacker to obtain sensitive information. “An information disclosure vulnerability exists in SharePoint […]
Pierluigi Paganini
May 30, 2019
Chinese Cyber-Spies Target Government Organizations in Middle East Chinese APT group Emissary Panda has been targeting government organizations in two different countries in the Middle East. Experts at Palo Alto Networks reported that the Chinese APT group Emissary Panda (aka APT27, TG-3390, Bronze Union, and Lucky Mouse) has been targeting government organizations in two different […]
Malware / September 13, 2025
