The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025,addedtwo Microsoft SharePoint flaws, CVE-2025-49704 and CVE-2025-49706, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
To that end, Federal Civilian Executive Branch (FCEB) agencies are required to remediate identified vulnerabilities by July 23, 2025.
"CISA is aware of active exploitation of a spoofing and RCE vulnerability chain involving CVE-2025-49706 and CVE-20...
Interlock ransomware gang is ramping up activity, CISA warns
IT Pro Security
1 hour ago
The threat group, which uses a double-extortion technique, has been attacking organizations across North America and Europe...