More results...
The Warlock ransomware group has intensified its operations by targeting unpatched on-premises Microsoft SharePoint servers, leveraging critical vulnerabilities to achieve remote code execution and initial network access. This campaign, observed in mid…
WarLock ransomware claims breach at Colt and Hitachi, with Colt investigating and working to restore systems while experts…
The Ruđer Bošković Institute (RBI), the largest Croatian science and technology research institute, has confirmed that it was the one of “at least 9,000 institutions worldwide” that were attacked using the Microsoft SharePoint “ToolSh…
For August 2025 Patch Tuesday, Microsoft has released security updates resolving 100+ security vulnerabilities in its various solutions, including a relative path traversal flaw in Windows Kerberos (CVE-2025-53779) that allows an authorized attacker to…
July turned into a surprisingly busy month. It started slowly with a fairly ‘calm’ Patch Tuesday as I forecasted in my last blog. Although there were 130 new CVEs addressed across all the Microsoft releases, there was only one publicly disclosed CVE, s…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding an exploitation chain dubbed “ToolShell” targeting on-premises Microsoft SharePoint servers. It leverages multiple vulnerabilities including C…
Unit 42 researchers have identified significant overlaps between Microsoft’s reported ToolShell exploit chain targeting SharePoint vulnerabilities and a tracked activity cluster dubbed CL-CRI-1040. This cluster, active since at least March 2025, …
A sophisticated zero-day exploit campaign targeting unpatched vulnerabilities in Microsoft SharePoint Server has compromised approximately 400 organizations worldwide, with potential for a far higher victim count due to underreporting and delayed detec…
Security researchers from Kaspersky have detailed a sophisticated exploit chain dubbed “ToolShell,” actively targeting on-premise Microsoft SharePoint servers worldwide. The campaign, which began widespread exploitation leverages an unauthe…
Chinese laws requiring vulnerability disclosure to the government create transparency issues and potential conflicts for international cybersecurity efforts. Microsoft is probing whether a leak from its confidential early warning system enabled Chinese…