SharePoint ‘ToolShell’ vulnerabilities being exploited in the wild
Sophos X-Ops sees exploitation across multiple customer estates
Similar Posts
Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models
Bys sUniversity of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language model to reason its way through a network, generate tailored attack strategies for each target it encounters, and replicate itself, all without human intervention and without touching a commercial AI service. The preprint, posted…
Cyber-Attack On Bectu’s Parent Union Sparks UK National Security Concerns
Bys sJake Kanter reports: The cyber-attack on Prospect, the parent union of film and TV group Bectu, has sparked fears that it could have compromised information pertaining to the UK’s national security. Deadline revealed earlier this month that the majority of Prospect’s 150,000 members had their data breached during an “IT security incident” in June. Our original……
Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks
Bys sThe Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector (MAVInject.exe) to inject the threat actor’s malicious payload into an external process, waitfor.exe,
Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks
Bys sApple has released security updates to address a security flaw impacting iOS, iPadOS, and macOS that it said has come under active exploitation in the wild. The zero-day out-of-bounds write vulnerability, tracked as CVE-2025-43300, resides in the ImageIO framework that could result in memory corruption when processing a malicious image. “Apple is aware of a…
Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer
Bys sThe Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the Mini Shai-Hulud-style attacks continue to be refined and splintered to target specific ecosystems. “The compromised releases shipped a *-setup.pth file that attempts to…
ShinyHunters sent Google an extortion demand; Shiny comments on current activities
Bys sYesterday morning, DataBreaches woke up to a message on Telegram: Even the NSA can’t stop or identify us anymore. The FBI and everyone else is irrelevant and incompetent as far as we’re concerned :). When DataBreaches asked ShinyHunters if anything in particular had inspired that statement, “Shiny1” responded: I heard the NSA is investigating and…