SharePoint is a technology platform tracked across 50 threat clusters and 137 intelligence report mentions on ThreatCluster. First observed October 23, 2025; most recent activity July 17, 2026.
Russian state-backed hackers from APT28 are actively exploiting a high-severity stored cross-site scripting vulnerability (CVE-2025-66376) in the Zimbra Collaboration Suite (ZCS) to target Ukrainian government entities.…
A critical vulnerability in FortiWeb Web Application Firewall (WAF) has been actively exploited, allowing attackers to gain full administrative access to affected systems. Organizations using FortiWeb are at risk of…
FamousSparrow, a China-aligned APT group, launched a multi-wave cyberespionage campaign against an Azerbaijani oil and gas company from late December 2025 to February 2026. The attackers employed an evolved DLL…
Chinese state-backed group TA416 has reemerged with intensified cyber espionage campaigns targeting European governments, following a quiet period since 2023. Proofpoint reported that the group's renewed activity began…
On July 13, 2026, France officially attributed a series of cyber intrusions targeting its government and defense sectors to the Turla intrusion set, linked to Russia's FSB 16th Center. The attacks, ongoing since the…
In July 2026, Adobe and Microsoft released significant security updates addressing numerous vulnerabilities. Adobe issued 12 bulletins for 88 unique CVEs, with a focus on ColdFusion and Commerce patches, including a…
An anonymous researcher known as Bikini has released exploit code for over a dozen zero-day vulnerabilities affecting 15 popular open-source projects, including the Linux kernel and Libssh2. The exploits were disclosed…
Xu Zewei, a 33-year-old Chinese national, was extradited from Italy to the United States on April 27, 2026, following his arrest in Milan on July 3, 2025. He is accused of participating in cyberattacks directed by the…
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-45659, a remote code execution vulnerability in Microsoft SharePoint, to its Known Exploited Vulnerabilities catalog due to active…
The FBI has issued a warning regarding the Kali365 phishing kit, which is actively stealing Microsoft OAuth tokens and bypassing multi-factor authentication (MFA) protocols. First identified in April 2026, Kali365 is…