Microsoft SharePoint Zero-Day

Chinese hackers are exploiting a high-severity vulnerability in Microsoft SharePoint to steal data worldwide: The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 10. It gives unauthenticated remote access to SharePoint Servers exposed to the Internet...

A week in security (July 21 – July 27)

A list of topics we covered in the week of July 21 to July 27 of 2025 Last week on Malwarebytes Labs: Steam games abused to deliver malware once again Watch out: Instagram users targeted in novel phishing campaign Age verification: Child protection or privacy risk? iPhone vs. Android: iPhone user...

pentest-wiki

This repository is an online security knowledge library for pentesters/researchers, providing information on various topics related to information gathering. The repository contains documentation on how to gather whois and DNS information, as well as Linux system architecture, processes, and user...

National Nuclear Security Administration Systems Breached in SharePoint Cyberattack

National Nuclear Security Administration and National Institutes of Health targeted in global Microsoft SharePoint vulnerability exploitation. Chinese hacking groups suspected in widespread data breaches...

Europol Arrests XSS Forum Admin in Kyiv After 12-Year Run Operating Cybercrime Marketplace

Europol on Monday announced the arrest of the suspected administrator of XSS.is formerly DaMaGeLaB, a notorious Russian-speaking cybercrime platform. The arrest, which took place in Kyiv, Ukraine, on July 222, 2025, was led by the French Police and Paris Prosecutor, in collaboration with Ukrainia...

Microsoft Put Older Versions of SharePoint on Life Support. Hackers Are Taking Advantage

Multiple hacking groups—including state actors from China—have targeted a vulnerability in older, on-premises versions of the file-sharing tool after a flawed attempt to patch it...

The Postman: a Journey of Ethical Hacking in PosteID/SPID Borderland

This paper presents a vulnerability assessment activity that we carried out on PosteID, the implementation of the Italian Public Digital Identity System SPID by Poste Italiane. The activity led to the discovery of a critical privilege escalation vulnerability, which was eventually patched. The...

Understanding the Impact of Scattered Spider on the Airline & Transportation Industry

In June, the FBI publicly warned that Scattered Spider is actively targeting the aviation and transportation sectors, including well-known airlines and their third-party IT vendors. In this post, we will provide a brief overview of Scattered Spider, insights gathered by our research team into the...

How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyberspies

A new report traces the history of the early wave of Chinese hackers who became the backbone of the state's espionage apparatus...

Enterprise Security Incident Analysis and Countermeasures Based on the T-Mobile Data Breach

This paper presents a comprehensive analysis of T-Mobile's critical data breaches in 2021 and 2023, alongside a full-spectrum security audit targeting its systems, infrastructure, and publicly exposed endpoints. By combining case-based vulnerability assessments with active ethical hacking...

Ex US Soldier Cameron Wagenius Guilty in Telecom Hacking and Extortion

Former US Army soldier Cameron Wagenius pleads guilty to hacking telecom companies and extorting $1 million+ using cybercrime forums like BreachForums and XSS...

Exploit for Incorrect Authorization in Canonical Ubuntu_Linux

phpMyAdmin 4.8.1 - Remote Code Execution RCE Exploit !Lic...

Researchers Jailbreak Elon Musk’s Grok-4 AI Within 48 Hours of Launch

Elon Musk's Grok-4 AI was compromised within 48 hours. Discover how NeuralTrust researchers combined "Echo Chamber" and "Crescendo"…...

4 Arrested Over Scattered Spider Hacking Spree

Plus: An “explosion” of AI-generated child abuse images is taking over the web, a Russian professional basketball player is arrested on ransomware charges, and more...

Leaked Shellter Elite Tool Now Fueling Infostealer Attacks Worldwide

A new report details how the advanced hacking tool Shellter Elite was leaked and is now being used…...

PT-2025-29082

Name of the Vulnerable Software and Affected Versions: OpenSynergy BlueSDK versions through 6.x Description: The OpenSynergy BlueSDK Bluetooth stack contains a flaw due to incorrect handling of a network packet header and an incorrect variable used as a function argument. This can allow a remote...

Exploit for CVE-2015-0273

phpcodz Php Codz Hacking http://www.80vul.com/pch/ What is PHP? PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. If you are new to PHP and want to get some idea of how it works, try the introductory tutorial. Afte...

TA829 and UNK_GreenSec Share Tactics and Infrastructure in Ongoing Malware Campaigns

Cybersecurity researchers have flagged the tactical similarities between the threat actors behind the RomCom RAT and a cluster that has been observed delivering a loader dubbed TransferLoader. Enterprise security firm Proofpoint is tracking the activity associated with TransferLoader to a group...

Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign

Threat hunters have discovered a network of more than 1,000 compromised small office and home office SOHO devices that have been used to facilitate a prolonged cyber espionage infrastructure campaign for China-nexus hacking groups. The Operational Relay Box ORB network has been codenamed LapDogs ...

Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit

A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit. The activity has been attributed with medium confidence to a Chinese hacking group called Silver Fox aka Void...