More results...
Hackers are exploiting critical SharePoint flaws (CVE-2025-53770/53771) to breach global targets, including governments and corporations. Microsoft urges immediate action. Learn about the active attacks and how to protect your network from credential t…
A cybersecurity researcher has released a new open-source scanner designed to detect a critical vulnerability affecting Microsoft SharePoint servers, providing organizations with a crucial tool to assess their security posture against the recently disc…
Microsoft has released new security updates to fix two serious vulnerabilities affecting on-premises SharePoint servers, warning that attackers…
Security researchers at Varonis Threat Labs have identified a subtle but significant vulnerability in Microsoft’s AppLocker security feature that could allow malicious applications to bypass established security restrictions. While not classified…
Microsoft warns of ongoing active exploitation of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770. Microsoft warns of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770 (CVSS score of 9.8), which is under active exploitation. Unfortunately, the flaw has yet to be addressed. The vulnerability is a deserialization of untrusted data in on-premises Microsoft SharePoint Server, an […]
Attackers are exploiting a zero-day variant (CVE-2025-53770) of a SharePoint remote code execution vulnerability (CVE-2025-49706) that Microsoft patched earlier this month, the company has confirmed on Saturday. CVE-2025-53770 is being leveraged to pla…
Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately.
The post SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch …
Microsoft has announced significant transparency improvements for its email security platform, introducing a new customer-facing dashboard that provides detailed visibility into threat protection effectiveness across organizations. The enhanced dashboa…
Microsoft has shed light on the sophisticated operations of Octo Tempest, a financially motivated cybercriminal group alternatively known as Scattered Spider, Muddled Libra, UNC3944, or 0ktapus. This threat actor has demonstrated a versatile arsenal of…
A sophisticated cyberattack campaign has emerged targeting organizations through Microsoft Teams impersonation, delivering the updated Matanbuchus 3.0 malware loader that serves as a precursor to ransomware deployment. Security researchers at Morphisec…