ToolShell: Details of CVEs Affecting SharePoint Servers
Cisco Talos is aware of the ongoing exploitation of CVE-2025-53770 and CVE-2025-53771 in the wild. These are path traversal vulnerabilities affecting SharePoint Server Subscription Edition, SharePoint Server 2016, and SharePoint Server 2019.
After website hack, Arizona election officials unload on Trump’s CISA | CyberScoop
As the state responded to a pro-Iranian attack, officials tell CyberScoop that it avoided reaching out to the federal agency, partly because it has been “politicized and weakened” under the president.
Hackers hit Dell product demo platform, but impact is limited
A Dell spokesperson said the site is “intentionally separated from customer and partner systems, as well as Dell’s networks and is not used in the provision of services to Dell customers.”
Iranian Hackers Deploy New Android Spyware Version
New samples of DCHSpy, a spyware implant linked to Iranian APT group MuddyWater, were detected by Lookout one week after the start of the Israel-Iran conflict
ExpressVPN bug leaked user IPs in Remote Desktop sessions
ExpressVPN has fixed a flaw in its Windows client that caused Remote Desktop Protocol (RDP) traffic to bypass the virtual private network (VPN) tunnel, exposing the users' real IP addresses.
Veeam Recovery Orchestrator users locked out after MFA rollout
Veeam warned customers today that a recently released Recovery Orchestrator version blocks Web UI logins after enabling multi-factor authentication (MFA).
Sous les bombes à Kiev avec les cyberdéfenseurs ukrainiens : « Le réseau dépendait de nous »
L’un a vécu deux mois surréalistes dans un data center assiégé. L’autre se réveille la nuit pour combattre les hackers russes. Numerama s’est rendu en Ukraine pour rapporter les histoires de Kostya et Dmytro, haut commandants dans le privé de la cyberdéfence du pays. « Vybachte, odyn moment. » Excusez-moi, un
New malware samples exfiltrate WhatsApp data to target Iran regime’s enemies
Researchers from the cybersecurity firm Lookout detected the latest version of DCHSpy one week after Israel’s June bombing campaign targeting Iran’s nuclear program began. DCHSpy was first detected in 2024, but has since evolved and can now exfiltrate data from WhatsApp and files stored on devices, Lookout said.
Microsoft Fix Targets Attacks on SharePoint Zero-Day
On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the Sharepoint flaw to…
Dior begins sending data breach notifications to U.S. customers
The House of Dior (Dior) is sending data breach notifications to U.S. customers informing them that a May cybersecurity incident compromised their personal information.
« Bonjour vous êtes chez vous » : comment signaler le célèbre SMS de phishing
Depuis plusieurs semaines, une vaste campagne de phishing par SMS cible les Français. Le désormais célèbre « Bonjour, vous êtes chez vous ? » se révèle bien plus sournois qu’il n’y paraît. La bonne nouvelle, c’est que tout le monde peut agir pour s’en protéger. Rassurez-vous, vous n’êtes pas seuls à l’avoir reçu. Ce