ThreatsHub Cybersecurity News

Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities. Microsoft has released new comprehensive security updates for all supported versions of SharePoint Server (Subscription Edition, 2019, and 2016) that protect customers against these new vulnerabilities. Customers should apply these updates immediately to ensure they are protected.
The post Disrupting active exploitation of on-premises SharePoint vulnerabilities appeared first on Microsoft Security Blog. READ MORE HERE…

ZDNet | Security

July 22, 2025 TH Author

How AI agents can generate $450 billion by 2028 – and what stands in the way

Through revenue growth and cost savings, agentic AI is a $450 million opportunity, according to a Capgemini report. However, trust in fully autonomous AI agents is declining.READ MORE HERE…

TrendMicro

July 22, 2025 TH Author

Proactive Security Insights for SharePoint Attacks (CVE-2025-53770 and CVE-2025-53771)

CVE-2025-53770 and CVE-2025-53771 are vulnerabilities in on-premise Microsoft SharePoint Servers that evolved from previously patched flaws, allowing unauthenticated remote code execution through advanced deserialization and ViewState abuse. Read More HERE…

TrendMicro

July 22, 2025 TH Author

Back to Business: Lumma Stealer Returns with Stealthier Methods

Lumma Stealer has re-emerged shortly after its takedown. This time, the cybergroup behind this malware appears to be intent on employing more covert tactics while steadily expanding its reach. This article shares the latest methods used to propagate this threat. Read More HERE…

TrendMicro

July 22, 2025 TH Author

Proactive Security and Insights for SharePoint Attacks (CVE-2025-53770 and CVE-2025-53771)

The Register

July 21, 2025 TH Author

Dell scoffs at breach, says miscreants only stole ‘fake data’

No customer, partner info stolen, spokesperson tells The Reg Dell has confirmed that criminals broke into its IT environment and stole some of its data — but told The Register that it’s “primarily synthetic (fake) data.”… READ MORE HERE…

ZDNet | Security

July 21, 2025 TH Author

Why I highly recommend the M4 MacBook Air to most people (and now it’s on sale)

Apple’s M4 MacBook Air elevates the ultraportable game with boosted memory, improved external display support, and a surprisingly competitive price – especially at $150 off.READ MORE HERE…

The Register

July 21, 2025 TH Author

Four new Android spyware samples linked to Iran’s intel agency

Persians added snooping capabilities to DCHSpy after Israeli bombs fell Four new samples of Android spyware linked to the Iranian Ministry of Intelligence and Security (MOIS) that collects WhatsApp data, records audio and video, and hunts for files by name, surfaced shortly after the Iran-Israel conflict began.… READ MORE HERE…

ZDNet | Security

July 21, 2025 TH Author

5 tips for building foundation models for AI

While some business leaders buy large language models, others build their own. Here are five things you need to know.READ MORE HERE…

The Register

July 21, 2025 TH Author

Microsoft patches failed to fix on-prem SharePoint, which is now under zero-day attack

PLUS: China upgrades smartphone surveillance tools; Ring eases anti-snooping stance; and more Infosec In Brief Microsoft has warned users of SharePoint Server that three on-prem versions of the product include a zero-day flaw that is under attack – and that its own failure to completely fix past problems is the cause.… READ MORE HERE…

Cyber Security Trending News

Bad Wi-Fi at home? Try my 10 go-to ways to fix your internet this weekend

Disrupting active exploitation of on-premises SharePoint vulnerabilities

How AI agents can generate $450 billion by 2028 – and what stands in the way

Proactive Security Insights for SharePoint Attacks (CVE-2025-53770 and CVE-2025-53771)

Back to Business: Lumma Stealer Returns with Stealthier Methods

Proactive Security and Insights for SharePoint Attacks (CVE-2025-53770 and CVE-2025-53771)

Dell scoffs at breach, says miscreants only stole ‘fake data’

Why I highly recommend the M4 MacBook Air to most people (and now it’s on sale)

Four new Android spyware samples linked to Iran’s intel agency

5 tips for building foundation models for AI

Microsoft patches failed to fix on-prem SharePoint, which is now under zero-day attack