Chinese cyber spies among those linked to SharePoint attacks

Threat Level

49% Computer Weekly IT Security 1 day ago Part of cluster #1310

An as-yet unnamed Chinese state threat actor appears to be among those exploiting CVE-2025-53770 (aka ToolShell), a remote code execution vulnerability in Microsoft SharePoint , to conduct cyber attacks, according to intelligence. GPT.display('halfpage') GPT.display('mu-1') Since it emerged over the weekend of 19-20 July , the highly publicised nature of CVE-2025-53770, which bypasses two previously patched flaws, has drawn the attention of threat actors thanks to the considerable danger it...

Continue Reading on Original Site

Recommended Articles

US Nuclear Agency Breach Tied to SharePoint Zero-Days

Data Breach Today UK 32 minutes ago

Over 400 Organizations Breached Via Ongoing ToolShell Attacks, Researchers Warn The U.S. government agency that maintains and designs America's nuclear weapons was reportedly breached by attackers exp...

Critical Vulnerability in JavaScript Library Exposes Millions of Apps to Code Execution Attacks

Cybersecurity News 3 hours ago

A critical security vulnerability has been discovered in the widely-used JavaScript form-data library, potentially exposing millions of applications to code execution attacks. The vulnerability, assi...

Interlock ransomware gang is ramping up activity, CISA warns

IT Pro Security 4 hours ago

The threat group, which uses a double-extortion technique, has been attacking organizations across North America and Europe...

UK’s Ransomware Payment Ban: Bold Strategy or Dangerous Gamble?

SecurityWeek 4 hours ago

Critics warn that a ban on ransomware payments may lead to dangerous unintended consequences, including forcing victims into secrecy or incentivizing attackers to shift tactics....

US nuclear weapons agency reportedly hacked in SharePoint attacks

BleepingComputer 1 hour ago

US nuclear weapons agency reportedly hacked in SharePoint attacks Sergiu Gatlan July 23, 2025 11:14 AM 0 Unknown threat actors have reportedly breached the National Nuclear Security Administration's n...

Threat Intelligence

APT Groups 3

Ransomware 1

One

Malware 3

DYEPACK Leverage Nexus

Attack Types 3

Advanced Persistent Threat Ransomware Remote Code Execution

Vulnerabilities 2

Remote Code Execution Zero-Day

Business Intelligence

Companies 2

Google Microsoft

Industries 1

Healthcare

Security Vendors 2

Mandiant SentinelOne

Agencies 1

CISA

Countries 1

China

Platforms 3

Exchange Server Microsoft Exchange SharePoint

Technical Indicators

CVEs 2

CVE-2025-53770 CVE-2025-53771

Domains

ASP.NET

Information

Article ID: #4290
Published: 1 day ago
Source: Computer Weekly IT Security

Recommended Articles

US Nuclear Agency Breach Tied to SharePoint Zero-Days

Critical Vulnerability in JavaScript Library Exposes Millions of Apps to Code Execution Attacks

Interlock ransomware gang is ramping up activity, CISA warns

UK’s Ransomware Payment Ban: Bold Strategy or Dangerous Gamble?

US nuclear weapons agency reportedly hacked in SharePoint attacks

Save to Folder

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies