Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and security restriction bypass on the targeted system. Note: CVE-2025-6558…

A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, is under active exploitation in the wild. The vulnerability, with a CVSS score of 9.8, impacts on-premises SharePoint Server 2016, 2019, and Subscription Edition, and allows…

Sophos addressed five Sophos Firewall vulnerabilities that could allow remote attackers to execute arbitrary code. Sophos has fixed five vulnerabilities (CVE-2025-6704, CVE-2025-7624, CVE-2025-7382, CVE-2024-13974, CVE-2024-13973) in Sophos Firewall that coul…

A few days after the exploit originally became widely known, there are now many different SharePoint exploit attempts in circulation. We do see some scans by researchers to identify vulnerable systems (or to scan for common artifacts of compromise), and a few…

The post Metasploit Module Released for Actively Exploited Microsoft SharePoint Flaw CVE-2025-53770 appeared first on Daily CyberSecurity.

On July 19, 2025, Microsoft Security Response Center (MSRC) published a blog addressing active attacks against on-premises SharePoint servers that exploit CVE-2025-49706, a spoofing vulnerability, and CVE-2025-49704, a remote code execution vulnerability. The…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added two Microsoft SharePoint flaws, CVE-2025-49704 and CVE-2025-49706, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. To tha…

Cisco warns of active exploits targeting Identity Services Engine (ISE) and ISE-PIC flaws, first observed in July 2025. Cisco confirmed attempted exploitation in the wild of recently disclosed ISE and ISE-PIC flaws (CVE-2025-20281, CVE-2025-20282, CVE-2025-20…

Microsoft disclosed two critical vulnerabilities, CVE-2025-53771 and CVE-2025-53770, that are exploited to attack SharePoint servers. Possession of these cryptographic machine keys allows an attacker to forge authentication tokens and maintain access even if …

Security researchers at Google and Microsoft say they have evidence that hackers backed by China are exploiting a zero-day bug in Microsoft SharePoint, as companies around the world scramble to patch the flaw. The bug, known officially as CVE-2025-53770 and d…

While SentinelOne did not attribute the attack to a specific threat actor, The Washington Post linked it to China-nexus acors. On July 19, Microsoft confirmed active exploitation of a zero-day vulnerability, tracked as CVE-2025-53770 in on-prem SharePoint Ser…

Hackers are exploiting critical SharePoint flaws (CVE-2025-53770/53771) to breach global targets, including governments and corporations. Microsoft urges immediate action. Learn about the active attacks and how to protect your network from credential theft an…

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-54309 CrushFTP Unprotected Alternate Channel Vulnerability CVE-2025-6558 Google Chromium ANGLE a…

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-49704 Microsoft SharePoint Code Injection Vulnerability CVE-2025-49706 Microsoft SharePoint Impro…

Hackers exploit CrushFTP zero-day, tracked as CVE-2025-54309, to gain admin access via HTTPS when DMZ proxy is off. Threat actors are exploiting a zero-day vulnerability, tracked as CVE-2025-54309 (CVSS score of 9.0), in the managed file transfer software Cru…

IntroductionOn July 19, 2025, Microsoft published an advisory for CVE-2025-53770, a critical zero-day vulnerability that allows unauthenticated attackers to execute arbitrary code impacting on-premises SharePoint servers. The vulnerability, dubbed ToolShell, …

CVE-2025-53770 and CVE-2025-53771 are vulnerabilities in on-premise Microsoft SharePoint Servers that evolved from previously patched flaws, allowing unauthenticated remote code execution through advanced deserialization and ViewState abuse.

Cisco Talos is aware of the ongoing exploitation of CVE-2025-53770 and CVE-2025-53771 in the wild. These are path traversal vulnerabilities affecting SharePoint Server Subscription Edition, SharePoint Server 2016, and SharePoint Server 2019.

Microsoft has released emergency security updates for two actively exploited zero-day vulnerabilities in SharePoint, tracked as CVE-2025-53770 and CVE-2025-53771, that have compromised servers worldwide in what researchers call "ToolShell" attacks. The U.S. C…

2025 綛7 禹礇絅磧彜羂 (2025.07.10) d信罩ｃ Sharepoint CVE-2025-49704 CVE-2025-49706 Pwn2Own ㏍сToolShell 違ToolShell 荐眼 CVE-2025-53770 CVE-2025-53771 違 Sharepoint (⒢ケ 紙с Customer guidance for SharePoint vulnerability CVE-2025-53770 (Microsoft, 2025.07.19…