Chinese Hackers Exploit SharePoint Vulnerabilities to Deploy Toolsets Includes Backdoor, Ransomware and Loaders

Threat Score:
61
Cybersecurity News
20 hours ago

Overview

A sophisticated Chinese threat actor has been exploiting critical vulnerabilities in Microsoft SharePoint to deploy an advanced malware toolset dubbed “Project AK47,” according to new research published by Palo Alto Networks Unit 42. The campaign, which has been active since at least March 2025, represents a significant escalation in attacks targeting enterprise SharePoint environments through […]...

Related Articles

5 articles
1

2025-08-07 - Cluster AI Daily Threat Brief

ThreatCluster 7 hours ago

# Daily Threat Intelligence Brief - August 7, 2025 ## Executive Summary Today’s threat landscape presents a multifaceted challenge, with phishing and ransomware emerging as the most critical threats. Recent reports indicate a surge in sophisticated attacks targeting prominent platforms such as Google and Salesforce, leading to significant user data exfiltration. Phishing tactics, including the use of fake CAPTCHA systems to deliver malware, have further exacerbated vulnerabilities within organ

Score
88
Read more
4

Trend Micro fixes two actively exploited Apex One RCE flaws

Security Affairs 15 hours ago

Trend Micro patched two critical Apex One flaws (CVE-2025-54948, CVE-2025-54987) exploited in the wild, allowing RCE via console injection. Trend Micro released fixes for two critical vulnerabilities, tracked as CVE-2025-54948 and CVE-2025-54987 (CVSS score of 9.4), in Apex One on-prem consoles. The cybersecurity vendor confirmed that both issues were actively exploited in the wild. Both […]

Score
76
Read more