Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

FBI and CISA Warn of Interlock Ransomware Targeting Critical Infrastructure

FBI warns of Interlock ransomware using unique tactics to hit businesses and critical infrastructure with double extortion.

HackRead
Open in Source
#vulnerability#web#mac#windows#google#microsoft#linux#cisco#git#pdf#auth#chrome
US Nuclear Agency Hacked in Microsoft SharePoint Frenzy

Threat actors are piling on the zero-day vulnerabilities in SharePoint, including at least three Chinese nation-state cyber-espionage groups.

Microsoft Most Phished Brand in Q2 2025, Check Point Research

Microsoft was the most impersonated brand in phishing attacks during Q2 2025, accounting for 25% of all attempts, according to Check Point Research.

CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added two Microsoft SharePoint flaws, CVE-2025-49704 and CVE-2025-49706, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. To that end, Federal Civilian Executive Branch (FCEB) agencies are required to remediate identified vulnerabilities by July 23, 2025. "CISA is

Microsoft Integrates Data Lake With Sentinel SIEM

Microsoft Sentinel Data Lake aims to provide inexpensive storage for large volumes of telemetry, while threat intelligence will be included with Defender XDR at no extra cost.

Coyote Trojan First to Use Microsoft UI Automation in Bank Attacks

Coyote Trojan becomes first malware to abuse Microsoft’s UI Automation in real attacks, targeting banks and crypto platforms with stealthy tactics.

3 China Nation-State Actors Target SharePoint Bugs

Hackers and cybercrime groups are part of a virtual feeding frenzy, after Microsoft's recent disclosure of new vulnerabilities in on-premises editions of SharePoint Server.

Microsoft Reveals Chinese State Hackers Exploiting SharePoint Flaws

Microsoft reveals Chinese state-backed hacker groups, including Linen Typhoon, Violet Typhoon, and Storm-2603, are exploiting SharePoint flaws, breaching over 100 organisations. Discover threat actors, their tactics and Microsoft's urgent security guidance.

Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups

Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7, 2025, corroborating earlier reports. The tech giant said it also observed a third China-based threat actor, which it tracks as Storm-2603, weaponizing the flaws as well to obtain initial access to

About Remote Code Execution – Microsoft SharePoint Server “ToolShell” (CVE-2025-53770) vulnerability

About Remote Code Execution – Microsoft SharePoint Server “ToolShell” (CVE-2025-53770) vulnerability. SharePoint is a web application developed by Microsoft for corporate intranet portals, document management, and collaborative work. A flaw in the deserialization mechanism of an on-premises SharePoint Server instance allows remote unauthenticated attackers to execute arbitrary code. 👾 On July 18, Eye Security researchers […]