Aggregator

You must login to view this content

Quality threat intelligence has traditionally been the domain of enterprise-level budgets and premium subscriptions. The kind of fresh, actionable data that transforms how SOCs operate has remained frustratingly out of reach for many organizations. Until now.  A Game-Changing Opportunity For Your Security Operations  ANY.RUN has just made an unprecedented move that will reshape how security […]

The post Exclusive! Threat Intelligence That Powers Best SOCs Worldwide Is Now Free   appeared first on Cyber Security News.

You must login to view this content

Linen Typhoon, Violet Typhoon and Storm-2603 are behind the initial attack spree that erupted over the weekend. Other threat groups are now following suit.

The post Microsoft SharePoint zero-day attacks pinned on China-linked ‘Typhoon’ threat groups appeared first on CyberScoop.

APT39, a hacker collective connected to Iran’s Ministry of Intelligence and Security (MOIS), was exposed as operating through the compromised internal systems of the Iranian company Amnban, Sharif Advanced Technologies, in a significant cybersecurity incident. Launched in 2018 with credentials from Sharif University and Amir Kabir alumni, Amnban presented itself as a legitimate penetration testing […]

The post Iranian Hackers Target Global Airlines to Steal Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

As Microsoft puts the final patch in place, a growing number of hackers, including several China state-sponsored threat groups, are quickly pushing forward to exploit the security flaws that will allow them compromise on-premises SharePoint servers to steal data and maintain persistence.

The post Microsoft Patches SharePoint Flaws as Hackers Rush to Exploit Them appeared first on Security Boulevard.

Hexagon ETQ’s Java-based quality management system, ETQ Reliance, has several serious flaws, according to a new security research revelation by Assetnote. The software, which facilitates document and form management with integrations like Microsoft Word macros and Jython scripting, has been found susceptible to exploits ranging from reflected cross-site scripting (XSS) to XML External Entity (XXE) […]

The post ETQ Reliance RCE Flaw Grants Full SYSTEM Access with a Single Space appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

As Microsoft continues to update its customer guidance for protecting on-prem SharePoint servers against the latest in-the-wild attacks, more security firms have begun sharing details about the ones they have detected. Most intriguingly, Check Point Research says that they observed the first exploitation attempts on July 7th, with the target being a major Western government. That date not only precedes the publication of the screenshot of the ToolShell exploit chain (CVE-2025-49706 + CVE-2025-49704) in action … More →

The post Microsoft pins on-prem SharePoint attacks on Chinese threat actors appeared first on Help Net Security.