Microsoft SharePoint zero-day exploited in RCE attacks, no patch available

Published on July 20, 2025

A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide. [...]

Continue reading on website
Other news

HPE warns of hardcoded passwords in Aruba access points

July 20, 2025
Hewlett-Packard Enterprise (HPE) is warning of hardcoded credentials in Aruba Instant On Access Points that allow attackers to bypass normal device authentication and access the web interface. [...]

EncryptHub Targets Web3 Developers Using Fake AI Platforms to Deploy Fickle Stealer Malware

July 20, 2025
The financially motivated threat actor known as EncryptHub (aka LARVA-208 and Water Gamayun) has been attributed to a new campaign that's targeting Web3 developers to infect them with information stealer malware."LARVA-208 has evolved its tactics, using fake AI platforms (e.g., Norlax AI, mimicking Teampilot) to lure victims with job offers or portfolio review requests," Swiss cybersecurity