
6 matches found

Talos Blog
added 2025/10/23 10:0 a.m., 15 views

IR Trends Q3 2025: ToolShell attacks dominate, highlighting criticality of segmentation and rapid response

Threat actors predominately exploited public-facing applications for initial access this quarter, with this tactic appearing in over 60 percent of Cisco Talos Incident Response (Talos IR) engagements - a notable increase from less than 10 percent last quarter. This spike is largely attributable to ...

CVSS 9.8, AI score 9.7, EPSS 0.99982
Exploits: 43
The Hacker News
added 2025/10/22 12:56 p.m., 14 views

Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft's July Patch

Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company in the Middle East after it was publicly disclosed and patched in July 2025. Also targeted were government departments in an African country, as well as...

CVSS 9.8, AI score 9.7, EPSS 0.99982
Exploits: 45
Talos Blog
added 2025/10/09 10:0 a.m., 12 views

Velociraptor leveraged in ransomware attacks

Cisco Talos has confirmed that ransomware operators are leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool that had not previously been definitively tied to ransomware incidents. We assess with moderate confidence that this activity can be attributed to thre...

CVSS 5.5, AI score 9.9, EPSS 0.00963
Exploits: 2
The Hacker News
added 2025/08/01 8:44 a.m., 16 views

Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks

The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control (C2) framework called AK47 C2 (also spelled ak47c2) in its operations. The framework includes at least two different types of clients, HTTP-based...

CVSS 8.8, AI score 7.9, EPSS 0.99907
Exploits: 9
The Hacker News
added 2025/07/24 10:37 a.m., 19 views

Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems

Microsoft has revealed that one of the threat actors behind the active exploitation of SharePoint flaws is deploying Warlock ransomware on targeted systems. The tech giant, in an update shared Wednesday, said the findings are based on an "expanded analysis and threat intelligence from our continu...

CVSS 8.8, AI score 8.5, EPSS 0.99907
Exploits: 9
The Hacker News
added 2025/07/22 3:45 p.m., 11 views

Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups

Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7, 2025, corroborating earlier reports. The tech giant said it also observed a third China-based...

CVSS 9.8, AI score 8.4, EPSS 0.99982
Exploits: 41