Critical Sharepoint 0-Day Vulnerablity Exploited CVE-2025-53770 (ToolShell), (Sun, Jul 20th) SANS Internet Storm Center, InfoCON: green
July 20, 2025

Microsoft announced yesterday that a newly discovered critical remote code execution vulnerability in SharePoint is being exploited. There is no patch available. As a workaround, Microsoft suggests using Microsoft Defender …


EncryptHub Targets Web3 Developers Using Fake AI Platforms to Deploy Fickle Stealer Malware The Hacker [email protected] (The Hacker News)
July 20, 2025

The financially motivated threat actor known as EncryptHub (aka LARVA-208 and Water Gamayun) has been attributed to a new campaign that's targeting Web3 developers to infect them with information stealer …


CISA Adds One Known Exploited Vulnerability, CVE-2025-53770 “ToolShell,” to Catalog AlertsCISA
July 20, 2025

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. See CISA’s Alert Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770) for …


Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770) AlertsCISA
July 20, 2025

CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the …


Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Global Organizations The Hacker [email protected] (The Hacker News)
July 20, 2025

A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an "active, large-scale" exploitation campaign. The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described …


Malware Injected into 6 npm Packages After Maintainer Tokens Stolen in Phishing Attack The Hacker [email protected] (The Hacker News)
July 20, 2025

Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing campaign designed to steal the project maintainers' npm tokens. The captured tokens were …


Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers The Hacker [email protected] (The Hacker News)
July 20, 2025

A newly disclosed critical security flaw in CrushFTP has come under active exploitation in the wild. Assigned the CVE identifier CVE-2025-54309, the vulnerability carries a CVSS score of 9.0. "CrushFTP 10 …


‘PoisonSeed’ Attacker Skates Around FIDO Keys darkreadingAlexander Culafi
July 18, 2025

Researchers discovered a novel phishing attack that serves the victim a QR code as part of supposed multifactor authentication (MFA), in order to get around FIDO-based protections. Researchers discovered a novel …


China’s Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones The Hacker [email protected] (The Hacker News)
July 18, 2025

Cybersecurity researchers have shed light on a mobile forensics tool called Massistant that's used by law enforcement authorities in China to gather information from seized mobile devices. The hacking tool, believed …


UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns The Hacker [email protected] (The Hacker News)
July 18, 2025

Multiple sectors in China, Hong Kong, and Pakistan have become the target of a threat activity cluster tracked as UNG0002 (aka Unknown Group 0002) as part of a broader cyber …