The Breach News

Severe Unpatched SharePoint Zero-Day Under Active Exploitation, Compromises Over 75 Company Servers

July 20, 2025
Zero-Day / Vulnerability

A serious security flaw in Microsoft SharePoint Server has been weaponized in an ongoing, large-scale exploitation campaign. The zero-day vulnerability, identified as CVE-2025-53770 (CVSS score: 9.8), is a variant of CVE-2025-49704 (CVSS score: 8.8), which was addressed by Microsoft in their July 2025 Patch Tuesday updates. Microsoft explained that “deserialization of untrusted data in on-premises Microsoft SharePoint Server enables unauthorized attackers to execute code over a network,” as detailed in an advisory released on July 19, 2025. The company is actively preparing a comprehensive update to mitigate this issue. Viettel Cyber Security is credited with discovering and reporting the flaw through Trend Micro’s Zero Day Initiative (ZDI). Additionally, Microsoft has acknowledged awareness of ongoing attacks related to this vulnerability.

Critical Unpatched SharePoint Zero-Day Under Active Exploitation, Compromises Over 75 Company Servers July 20, 2025 In an alarming development, a critical zero-day vulnerability in Microsoft SharePoint Server has been actively exploited in a large-scale attack campaign, leading to the breach of more than 75 company servers. This vulnerability, designated as…

Read More

Severe Unpatched SharePoint Zero-Day Under Active Exploitation, Compromises Over 75 Company Servers

July 20, 2025
Zero-Day / Vulnerability

A serious security flaw in Microsoft SharePoint Server has been weaponized in an ongoing, large-scale exploitation campaign. The zero-day vulnerability, identified as CVE-2025-53770 (CVSS score: 9.8), is a variant of CVE-2025-49704 (CVSS score: 8.8), which was addressed by Microsoft in their July 2025 Patch Tuesday updates. Microsoft explained that “deserialization of untrusted data in on-premises Microsoft SharePoint Server enables unauthorized attackers to execute code over a network,” as detailed in an advisory released on July 19, 2025. The company is actively preparing a comprehensive update to mitigate this issue. Viettel Cyber Security is credited with discovering and reporting the flaw through Trend Micro’s Zero Day Initiative (ZDI). Additionally, Microsoft has acknowledged awareness of ongoing attacks related to this vulnerability.

Ukrainian Children Recruited for Cyber Operations and Reconnaissance in Russian Strikes

Dec 16, 2024
Cyber Attacks / Cyber Espionage

The Security Service of Ukraine (SBU) has uncovered a new espionage initiative allegedly led by Russia’s Federal Security Service (FSB), involving the recruitment of Ukrainian minors for illicit activities disguised as “quest games.” Law enforcement officials detained two groups of FSB agents in a special operation in Kharkiv, which included only children aged 15 and 16. According to the SBU, “The minors undertook hostile missions involving reconnaissance, targeting adjustments, and arson.” To obscure their subversive roles, both factions operated independently. Under the FSB’s quest game framework, the children were provided with geographic coordinates and tasked with reaching specified locations, capturing photos and videos of targets, and offering a description of the surrounding environment. The findings from these reconnaissance missions…

Ukrainian Minors Targeted for Espionage Activities Linked to Russian Cyber Operations December 16, 2024 Cyber Attack / Cyber Espionage In a troubling development in the realm of cybersecurity, the Security Service of Ukraine (SBU) has unveiled a sophisticated espionage campaign believed to be directed by Russia’s Federal Security Service (FSB).…

Read More

Ukrainian Children Recruited for Cyber Operations and Reconnaissance in Russian Strikes

Dec 16, 2024
Cyber Attacks / Cyber Espionage

The Security Service of Ukraine (SBU) has uncovered a new espionage initiative allegedly led by Russia’s Federal Security Service (FSB), involving the recruitment of Ukrainian minors for illicit activities disguised as “quest games.” Law enforcement officials detained two groups of FSB agents in a special operation in Kharkiv, which included only children aged 15 and 16. According to the SBU, “The minors undertook hostile missions involving reconnaissance, targeting adjustments, and arson.” To obscure their subversive roles, both factions operated independently. Under the FSB’s quest game framework, the children were provided with geographic coordinates and tasked with reaching specified locations, capturing photos and videos of targets, and offering a description of the surrounding environment. The findings from these reconnaissance missions…

KLM Announces Customer Data Breach Associated with Third-Party System

KLM Airlines Reports Data Breach Affecting Customer Information KLM Airlines, officially known as KLM Royal Dutch Airlines and a key player in the French-Dutch aviation sector, has informed its customers about a recent data breach that compromised certain personal information. The breach occurred due to unauthorized access to a third-party…

Read MoreKLM Announces Customer Data Breach Associated with Third-Party System

Google and Cisco Report CRM Software Breaches Caused by Vishing Attacks

Cybercrime, Fraud Management & Cybercrime Voice Phishing Attacks Target Salesforce Users: A Persistent ShinyHunters Strategy Mathew J. Schwartz (euroinfosec) • August 6, 2025 Be cautious of voice phishing calls from the ShinyHunters cybercrime group. (Image: Shutterstock) In an alarming trend, technology giants Google and Cisco disclosed separate incidents of data…

Read MoreGoogle and Cisco Report CRM Software Breaches Caused by Vishing Attacks

Australian Scaleup Set to Deliver AI-Driven Data Protection to the Ministry of Defence

The UK Ministry of Defence (MoD) has partnered with Australian firm Castlepoint Systems to enhance its data security protocols. This collaboration will focus on overseeing complex datasets using Castlepoint’s artificial intelligence (AI) technology to mitigate the risk of data breaches, both accidental and malicious. The move follows a significant data…

Read MoreAustralian Scaleup Set to Deliver AI-Driven Data Protection to the Ministry of Defence

⚡ THN Weekly Update: Key Cybersecurity Threats, Tools, and Insights

Dec 16, 2024
Cyber Threats / Weekly Update

This week brought significant and concerning developments in cybersecurity. From subtle but impactful attacks on widely-used business tools to hidden vulnerabilities in common devices, there’s plenty that may have gone unnoticed. Cybercriminals are not only rehashing old tactics but also discovering new ones, targeting systems of all sizes. On a brighter note, law enforcement has made strides against dubious online markets, while major tech companies scramble to fix vulnerabilities before they escalate. If you’ve been too busy to stay informed, now’s the ideal time to catch up on what you might have missed.

⚡ Threat of the Week

Cleo Vulnerability Faces Active Exploitation
A severe vulnerability (CVE-2024-50623) in Cleo’s file transfer software—Harmony, VLTrader, and LexiCom—has come under active attack by cybercriminals, posing significant security threats to organizations globally. This flaw allows unauthorized remote code execution, heightening the urgency for organizations to address the issue.

THN Weekly Recap: Key Cybersecurity Threats, Tools, and Tips Published: December 16, 2024 The past week has revealed significant challenges in the cybersecurity landscape, highlighting the evolving tactics of cybercriminals. From subtle yet impactful attacks targeting widely-used business tools to the discovery of critical vulnerabilities in everyday devices, many urgent…

Read More

⚡ THN Weekly Update: Key Cybersecurity Threats, Tools, and Insights

Dec 16, 2024
Cyber Threats / Weekly Update

This week brought significant and concerning developments in cybersecurity. From subtle but impactful attacks on widely-used business tools to hidden vulnerabilities in common devices, there’s plenty that may have gone unnoticed. Cybercriminals are not only rehashing old tactics but also discovering new ones, targeting systems of all sizes. On a brighter note, law enforcement has made strides against dubious online markets, while major tech companies scramble to fix vulnerabilities before they escalate. If you’ve been too busy to stay informed, now’s the ideal time to catch up on what you might have missed.

⚡ Threat of the Week

Cleo Vulnerability Faces Active Exploitation
A severe vulnerability (CVE-2024-50623) in Cleo’s file transfer software—Harmony, VLTrader, and LexiCom—has come under active attack by cybercriminals, posing significant security threats to organizations globally. This flaw allows unauthorized remote code execution, heightening the urgency for organizations to address the issue.

CISA Reveals Final $100M Cybersecurity Grants Amid Rising State Challenges

Cybersecurity Spending, Government, Industry Specific $100M in State Cyber Grants Signals Reduced Federal Support Amid Increasing Demand Chris Riotta (@chrisriotta) • August 5, 2025 The Cybersecurity and Infrastructure Security Agency (CISA) has revealed a $100 million grant initiative designed to boost cybersecurity frameworks at the state and local levels. This…

Read MoreCISA Reveals Final $100M Cybersecurity Grants Amid Rising State Challenges

Ten Women File Lawsuit Against Tea App After Hacked Photos Are Leaked Online

The Tea app, designed to facilitate anonymous sharing of information among women regarding local men, has recently faced serious legal challenges following a significant data breach. This incident exposed a large volume of sensitive data, including thousands of selfies, ID photographs, and private conversations, leading to ten potential class action…

Read MoreTen Women File Lawsuit Against Tea App After Hacked Photos Are Leaked Online

Security Vulnerability: Hard-Coded Credentials in HPE Instant On Devices Enable Unauthorized Admin Access

Date: July 21, 2025
Category: Network Security / Vulnerability

Hewlett-Packard Enterprise (HPE) has issued critical security updates to rectify a significant vulnerability in Instant On Access Points. This flaw, identified as CVE-2025-37103, has a CVSS rating of 9.8 out of 10 and allows attackers to bypass authentication, potentially granting them administrative access to affected systems. According to the advisory, “Hard-coded login credentials were discovered in HPE Networking Instant On Access Points, enabling anyone aware of these credentials to circumvent standard device authentication.” Additionally, HPE has addressed another security issue involving authenticated command injection in the command-line interface (CVE-2025-37102, CVSS score: 7.2), which could allow remote attackers to execute arbitrary commands on the operating system with elevated privileges.

Critical Security Flaw Discovered in HPE Instant On Devices, Granting Admin Access On July 21, 2025, Hewlett-Packard Enterprise (HPE) announced the release of crucial security patches aimed at rectifying a significant vulnerability in its Instant On Access Points. This flaw presents an opportunity for attackers to bypass authentication measures, thereby…

Read More

Security Vulnerability: Hard-Coded Credentials in HPE Instant On Devices Enable Unauthorized Admin Access

Date: July 21, 2025
Category: Network Security / Vulnerability

Hewlett-Packard Enterprise (HPE) has issued critical security updates to rectify a significant vulnerability in Instant On Access Points. This flaw, identified as CVE-2025-37103, has a CVSS rating of 9.8 out of 10 and allows attackers to bypass authentication, potentially granting them administrative access to affected systems. According to the advisory, “Hard-coded login credentials were discovered in HPE Networking Instant On Access Points, enabling anyone aware of these credentials to circumvent standard device authentication.” Additionally, HPE has addressed another security issue involving authenticated command injection in the command-line interface (CVE-2025-37102, CVSS score: 7.2), which could allow remote attackers to execute arbitrary commands on the operating system with elevated privileges.