#Tag · bonfire.cafe

｢ Experts at the Symantec and Carbon Black Threat Hunter Team tracked multiple compromises involving CVE-2025-53770 — a vulnerability that caused alarm this summer when Microsoft warned its on-premises SharePoint customers that three separate China-based groups were exploiting it. Hundreds of governments and prominent businesses use SharePoint, particularly for maintaining their intranets ｣

https://therecord.media/sharepoint-toolshell-bug-breaches-governments-africa-south-america

#toolshel #sharepoint #cybersecurity #CVE202553770

ToolShell bug used by Chinese attackers against governments in Africa, South America

Government agencies in African and South American nations are on the long list of organizations breached through exploitation of a vulnerability in Microsoft SharePoint, incident responders revealed.

jbz

@jbz@indieweb.social · 3 days ago

⚠️ Foreign hackers breached a US nuclear weapons plant via SharePoint flaws

｢ The attackers exploited two recently disclosed Microsoft SharePoint vulnerabilities — CVE-2025-53770, a spoofing flaw, and CVE-2025-49704, a remote code execution (RCE) bug — both affecting on-premises servers. Microsoft issued fixes for the vulnerabilities on July 19 ｣

https://www.csoonline.com/article/4074962/foreign-hackers-breached-a-us-nuclear-weapons-plant-via-sharepoint-flaws.html

#sharepoint #hacking #cybersecurity #CVE202549704 #CVE202553770

CSO Online

Foreign hackers breached a US nuclear weapons plant via SharePoint flaws

A foreign actor infiltrated the National Nuclear Security Administration’s Kansas City National Security Campus through vulnerabilities in Microsoft’s SharePoint browser-based app, raising questions about the need to solidify further federal IT/OT security protections.

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.0-rc.3.21 no JS en

Automatic federation enabled