Attackers Exploit Zero-Day Flaws in On-Premises SharePoint

Prajeet Nair • July 21, 2025

Hackers have been exploiting a zero-day vulnerability dubbed "ToolShell" in on-premises installations of Microsoft SharePoint to gain remote access, and steal cryptographic keys and data. As Microsoft rolls out patches, experts warn administrators to also rotate keys, to help eject attackers.

►

Artificial Intelligence & Machine Learning

How AI Expands SASE's Role in Policy, Operations Efficiency

Latest

Cybercrime

Hackers Exploit FIDO MFA With Novel Phishing Technique

Prajeet Nair • July 19, 2025

Expel researchers have found a novel adversary-in-the-middle phishing technique used by PoisonSeed, a cybercrime group previously tied to large-scale cryptocurrency thefts, to sidestep one of the most secure forms of multifactor authentication - FIDO2 physical keys.

Application Security

Botnet Abuses GitHub Repositories to Spread Malware

Prajeet Nair • July 18, 2025

Threat actors are using public GitHub repositories to host and distribute malware through the Amadey botnet in an ongoing campaign linked to a broader malware-as-a-service operation, Cisco Talos said in a report published Thursday.

Artificial Intelligence & Machine Learning

Security, AI Oversight Are Flashpoints in Draft Defense Bill

Chris Riotta • July 18, 2025

Washington is wagering that future conflicts will unfold as much in cyberspace as on the battlefield, with House and Senate lawmakers unveiling dueling drafts of a nearly $900 billion defense bill that spotlights needs for cybersecurity and artificial intelligence technology.

Artificial Intelligence & Machine Learning

Why the ROI of Enterprise AI Still Eludes Many Firms

Rashmi Ramesh • July 18, 2025

As enterprises pour billions into generative AI, many struggle to translate hype into measurable returns on investment. From data prep costs and hallucination risk to poor implementation and organizational inertia, experts say the real payoff may still be years away.

Fraud Management & Cybercrime

Attackers Target Legacy Code in TeleMessage's Signal Clone

Mathew J. Schwartz • July 18, 2025

Attackers are actively attempting to exploit a vulnerability that exists in older versions of the Signal message app clone TeleMessage TM SGNL, built by Smarsh to keep copies of all communications, including the ability to comply with federal record-keeping requirements.

Anti-Phishing, DMARC

China-Backed Hackers Intensify Attacks on Taiwan Chipmakers

Prajeet Nair • July 17, 2025

Chinese state-aligned hackers have ramped up espionage efforts against Taiwan's semiconductor ecosystem through spear-phishing campaigns. Three distinct threat actors targeted chipmakers, packaging and testing firms, equipment suppliers and financial analysts.

Governance & Risk Management

Golden dMSA Flaw Exposes Firms to Major Credential Theft

Prajeet Nair • July 17, 2025

A critical cryptographic flaw in Windows Server 2025's delegated Managed Service Accounts, or dMSAs, allows attackers to generate passwords for every managed service account across an Active Directory forest and create a backdoor, Semperis researchers found.

Security Operations

Coro's New CEO Prioritizes Channel-Driven Global Expansion

Michael Novinson • July 17, 2025

As Coro's new CEO, Joe Sykora is steering the SMB cybersecurity platform provider toward rapid international growth with a 100% partner-focused strategy, revamped operations and new tools for MSPs in an effort to dominate the underserved small and midsize business cybersecurity market.

Fraud Management & Cybercrime

Extradited Armenian Tied to Ryuk Ransomware Faces US Trial

Mathew J. Schwartz • July 17, 2025

A 33-year-old Armenian man, Karen Vardanyan, accused of facilitating Ryuk ransomware attacks against numerous organizations, is due to stand trial in the U.S. in August. The FBI said the Ryuk operation earned at least $15 million in cryptocurrency ransom payments from victims.

Cybercrime

Breach Roundup: Fashion House Louis Vuitton Confirms Breach

Anviksha More • July 17, 2025

This week: Louis Vuitton and Co-op confirm breaches, unpatched train brake flaw, Barclays fined £42M pounds for financial crime failures, secret U.K. program relocated thousands of Afghans, ex-soldier pleads guilty to hacking, Ukrainian hackers claim hit on Russian drone supplier.

Cloud Security

Wiz Deal Highlights Google's Multi-Cloud Security Strategy

Michael Novinson • July 17, 2025

COO Francis deSouza shares insights into Google Cloud’s security priorities as it pursues the $32 billion acquisition of Wiz. He explains the need for seamless multi-cloud protection, the value of Mandiant's threat intelligence, and how AI is changing threat detection and response at scale.

Cybercrime

Topsy-Turvy Data Breach Reality: Incidents Up, Victims Down

Mathew J. Schwartz • July 17, 2025

Data breaches rage on. In the first half of this year, the Identity Theft Resource Center counted 1,732 total data breaches affecting 166 million people, marking a rise in data breaches but a decline in victims, likely due to a drop in mega-breaches.