Security researchers at Google and Microsoft say they have evidence that hackers backed by China are exploiting a zero-day bug in Microsoft SharePoint, as companies around the world scramble to patch the flaw. The bug, known officially as CVE-2025-53770 and discovered last weekend, allows hackers to steal sensitive private keys from self-hosted versions of SharePoint,…
The hackers behind the initial wave of attacks exploiting a zero-day in Microsoft SharePoint servers have so far primarily targeted government organizations, according to researchers as well as news reports. Over the weekend U.S. cybersecurity agency CISA published an alert, warning that hackers were exploiting a previously unknown bug — known as a “zero-day” —…
Security researchers say they have caught a surveillance company in the Middle East exploiting a new attack capable of tricking phone operators into disclosing a cell subscriber’s location. The attack relies on bypassing security protections that carriers have put in place to protect intruders from accessing SS7, or Signaling System 7, a private set of…
