News

Microsoft SharePoint Hackers Switch Gears to Spread Ransomware
Threat actors exploit SharePoint flaws to access internal systems, steal sensitive data, and carry out surveillance, ...
The Hacker News6h
Storm-2603 Exploits SharePoint Flaws to Deploy Ransomware via DNS-Controlled Backdoor
The activity has been attributed to Storm-2603, which, according to Microsoft, is a suspected China-based threat actor that ...
SecurityWeek1h
In Other News: Microsoft Probes ToolShell Leak, Port Cybersecurity, Raspberry Pi ATM Hack
Microsoft investigates whether the ToolShell exploit was leaked via MAPP, port cybersecurity, physical backdoor used for ATM ...
SharePoint-ageddon attacks riddled with free Warlock ransomware - and thousands of services could be compromised
One strain in circulation is said to be the “Warlock” ransomware, distributed freely within compromised environments. The pattern of chained exploits, combining the newer CVEs with older ones like CVE ...
Que.com on MSN12h
Ransomware Groups Target Microsoft SharePoint Users in Latest Cyberattack
In a world increasingly dependent on digital infrastructure, cybercrime has become an ever-prevalent threat. In the latest wave of cyberattacks, ...
CSO Online4h
Cybercrooks faked Microsoft OAuth apps for MFA phishing
Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to ...
Axios on MSN2d
Ransomware gangs are hunting Microsoft SharePoint hack victims
Ransomware gangs are on the hunt for organizations that have yet to patch their vulnerable Microsoft SharePoint servers. Why ...
Techopedia1d
Microsoft SharePoint Attack: Patch Fatigue or Failure of Legacy Systems?
A new SharePoint exploit bypassed Microsoft’s patch, exposing over 8,000 systems and revealing deep flaws in on-premise ...
The Hacker News2h
Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts
The ongoing campaign, first detected in early 2025, is designed to use the OAuth applications as a gateway to obtain ...
Blame a leak for Microsoft SharePoint attacks, researcher insists
"A leak happened here somewhere," Dustin Childs, head of threat awareness at Trend Micro's Zero Day Initiative (ZDI), told ...
Microsoft spotlights Apple bug patched in March as SharePoint exploits continue
Sploitlight turns these plugins into a Transparency, Consent, and Control (TCC) bypass. TCC is a macOS security framework ...
After BlackSuit is taken down, new ransomware group Chaos emerges
Chaos' predecessor, BlackSuit, is a rebranding of an earlier ransomware operation known as Royal. Royal, according to Trend ...