How quickly do we patch? A quick look from the global viewpoint, (Mon, Jul 21st) SANS Internet Storm Center, InfoCON: green
July 21, 2025

Since the ongoing “ToolShell” exploitation campaign, in which threat actors attack on-premise Sharpoint servers using a chain of two recently published vulnerabilities[1,2,3], is still on top of the cyber security …


PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse The Hacker [email protected] (The Hacker News)
July 20, 2025

Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to bypass Fast IDentity Online (FIDO) key protections by deceiving users into approving authentication requests from spoofed company …


Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks The Hacker [email protected] (The Hacker News)
July 20, 2025

Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also released details of another vulnerability that it said has been addressed with "more robust …


Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access The Hacker [email protected] (The Hacker News)
July 20, 2025

Hewlett-Packard Enterprise (HPE) has released security updates to address a critical security flaw affecting Instant On Access Points that could allow an attacker to bypass authentication and gain administrative access …


3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics The Hacker [email protected] (The Hacker News)
July 20, 2025

A new attack campaign has compromised more than 3,500 websites worldwide with JavaScript cryptocurrency miners, marking the return of browser-based cryptojacking attacks once popularized by the likes of CoinHive.  Although the …


ISC Stormcast For Monday, July 21st, 2025 https://isc.sans.edu/podcastdetail/9534, (Mon, Jul 21st) SANS Internet Storm Center, InfoCON: green
July 20, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


Critical Sharepoint 0-Day Vulnerablity Exploited CVE-2025-53770 (ToolShell), (Sun, Jul 20th) SANS Internet Storm Center, InfoCON: green
July 20, 2025

Microsoft announced yesterday that a newly discovered critical remote code execution vulnerability in SharePoint is being exploited. There is no patch available. As a workaround, Microsoft suggests using Microsoft Defender …


EncryptHub Targets Web3 Developers Using Fake AI Platforms to Deploy Fickle Stealer Malware The Hacker [email protected] (The Hacker News)
July 20, 2025

The financially motivated threat actor known as EncryptHub (aka LARVA-208 and Water Gamayun) has been attributed to a new campaign that's targeting Web3 developers to infect them with information stealer …


CISA Adds One Known Exploited Vulnerability, CVE-2025-53770 “ToolShell,” to Catalog AlertsCISA
July 20, 2025

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. See CISA’s Alert Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770) for …


Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770) AlertsCISA
July 20, 2025

CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the …