Hackers Exploiting Sharepoint 0-day Vulnerability to Deploy Warlock Ransomware Microsoft has issued urgent warnings about active exploitation of critical SharePoint vulnerabilities CVE-2025-53770 and CVE-2025-53771 by multiple threat actors, including the China-based group Storm … Read more Published Date: Jul 25, 2025 (56 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2025-53771 CVE-2025-53770 CVE-2025-49706 CVE-2025-49704
ToolShell: a story of five vulnerabilities in Microsoft SharePoint On July 19–20, 2025, various security companies and national CERTs published alerts about active exploitation of on-premise SharePoint servers. According to the reports, observed attacks did not requi … Read more Published Date: Jul 25, 2025 (1 hour, 41 minutes ago) Vulnerabilities has been mentioned in this article. […]
Starlink Outage Sparks Cyberattack Speculation—But SpaceX Says Software to Blame SpaceX’s Starlink internet service suffered a major international outage, disconnecting tens of thousands of users for over two hours. The Starlink outage began around 3 p.m. Eastern Time (19:00 GMT), … Read more Published Date: Jul 25, 2025 (2 hours, 39 minutes ago) Vulnerabilities has been mentioned […]
Critical Axios Flaw (CVE-2025-54371) in Form-Data Dependency Exposes Millions to HTTP Manipulation Axios, the popular promise-based HTTP client for Node.js and browsers, has been found vulnerable through a critical flaw in a transitive dependency, putting millions of applications at risk of multipa … Read more Published Date: Jul 25, 2025 (10 hours, 15 minutes ago) Vulnerabilities has […]
Dropping Elephant Targets Türkiye’s Missile Industry with Stealthy Conference Lures & VLC DLL Sideloading Arctic Wolf Labs has uncovered a new cyber-espionage campaign orchestrated by the threat actor Dropping Elephant, targeting Türkiye’s defense industrial base—specifically a manufacturer of precision-g … Read more Published Date: Jul 25, 2025 (10 hours, 21 minutes ago) Vulnerabilities has been mentioned in […]
400,000 WordPress Sites at Risk: CVE-2025-24000 in Post SMTP Plugin Allows Full Site Takeover A vulnerability in the popular Post SMTP WordPress plugin—installed on over 400,000 websites—has been disclosed by Patchstack, exposing sites to full account takeover attacks via broken access control … Read more Published Date: Jul 25, 2025 (10 hours, 25 minutes ago) Vulnerabilities has […]
High-Severity SQL Injection (CVE-2025-52914) in Mitel MiCollab Allows Data Access, Command Execution Mitel has released a security advisory addressing a high-severity SQL injection vulnerability in its MiCollab platform—an issue that could allow authenticated attackers to execute arbitrary database c … Read more Published Date: Jul 25, 2025 (10 hours, 43 minutes ago) Vulnerabilities has been mentioned in […]
