Bleeping Computer

Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks

Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in "ToolShell" ...
Infosecurity-magazine.com

Phishing Campaign Uses Havoc Framework to Control Infected Systems

A new phishing campaign leveraging the open-source Havoc command-and-control (C2) framework has been discovered. Attackers are using modified versions of Havoc Demon Agent alongside Microsoft Graph ...