CVE-2025-54309 could allow remote attackers to obtain admin access via HTTPS

Unknown attackers have exploited a vulnerability (CVE-2025‑54309) in the CrushFTP enterprise file-transfer server solution to gain administrative access to vulnerable deployments. It’s currently unclear what the attackers are using this access for, but data t…

A fresh vulnerability, CVE-2025-25257 (CVSS 9.6) in Fortinet’s FortiWeb Fabric Connector presents high risk globally. Although the CVE is still only in RESERVED status as of July 14th, 2025, it has already received a national CERT advisory from Belgium’s CERT…

Microsoft patched an exploited SharePoint flaw (CVE-2025-53770) and disclosed a new one, warning of ongoing attacks on on-prem servers. Microsoft released emergency SharePoint updates for two zero-day flaws, tracked as CVE-2025-53770 and CVE-2025-53771, explo…

Microsoft warns of ongoing active exploitation of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770. Microsoft warns of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770 (CVSS score of 9.8), which is under active exploitation. Unfort…

A new critical vulnerability, CVE-2025-53770 (ToolShell), is being actively exploited to attack unpatched on-premises Microsoft SharePoint Servers. Read more...

Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in "ToolShell" attacks. [...]

Update 7/20/25: Added that there are actually two zero-days exploited and that Microsoft released a security update for SharePoint Subscription Edition. Critical zero-day vulnerabilities in Microsoft SharePoint, tracked as CVE-2025-53770 and CVE-2025-53771, h…

A zero-day vulnerability in Microsoft Corp.’s SharePoint with no known patch is being exploited in the wild with security researchers warning that attackers are actively compromising servers across multiple sectors. The vulnerability, tracked as CVE-2025-5377…

Attackers are exploiting a zero-day variant (CVE-2025-53770) of a SharePoint remote code execution vulnerability (CVE-2025-49706) that Microsoft patched earlier this month, the company has confirmed on Saturday. CVE-2025-53770 is being leveraged to place a ba…

Successful exploitation of CVE-2025-53770 could expose MachineKey configuration details from a vulnerable SharePoint Server, ultimately enabling unauthenticated remote code execution.BackgroundTenable’s Research Special Operations (RSO) team has compiled this…

Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770)CISA (.gov) Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company ServersThe Hacker News SharePoint Under Attack: Microsoft Warns of Zero-Day Exp…

Microsoft announced yesterday that a newly discovered critical remote code execution vulnerability in SharePoint is being exploited. There is no patch available. As a workaround, Microsoft suggests using Microsoft Defender to detect any attacks. To use Defend…

A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide. [...]

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Fortinet FortiWeb flaw, tracked as CVE-2025-25257, …

CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the new Common Vulnerabilities and Exposures (CVE), CVE-…

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. See CISA’s Alert Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770) for more information and t…

Update (07/22/2025): This Alert was updated to reflect newly released information from Microsoft, and to correct the actively exploited Common Vulnerabilities and Exposures (CVEs), which have been confirmed as CVE-2025-49706, a network spoofing vulnerability,…

A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an "active, large-scale" exploitation campaign. The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described as a variant of CVE-2025-49706 (…

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Update Google Chrome to fix actively exploited zero-day (CVE-2025-6558) For the fifth time this year, Google has patched a Chrome zero-day vulnerability (CVE-202…