CVE-2025-53771 Microsoft SharePoint Server Spoofing Vulnerability
Improper limitation of a pathname to a restricted directory (‘path traversal’) in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2025-53770 Microsoft SharePoint Server Remote Code Execution Vulnerability
The security update is avaialble for Microsoft SharePoint Server Subscription Edition. Microsoft strongly encourages customers running this version of SharePoint to install this update as soon as possible.
CISA Adds One Known Exploited Vulnerability, CVE-2025-53770 “ToolShell,” to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. See CISA’s Alert Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770) for more information and to apply the recommended mitigations. CVE-2025-53770: Microsoft SharePoint Server Remote Code Execution Vulnerability These types of vulnerabilities are frequent attack vectors for […]
The SOC files: Rumble in the jungle or APT41’s new target in Africa
Introduction Some time ago, Kaspersky MDR analysts detected a targeted attack against government IT services in the African region. The attackers used hardcoded names of internal services, IP addresses, and proxy servers embedded within their malware. One of the C2s was a captive SharePoint server within the victim’s infrastructure. During our incident analysis, we were […]
