Cybersecurity

Subscribe to Cybersecurity via RSS

Threat actors continue to exploit ToolShell to gain unauthorized access to on-premises SharePoint servers. On August 6, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a malware analysis report after analyzing six files “including two Dynamic Link-Library (.DLL), one cryptographic key stealer, and three web shells. Cyber threat actors could leverage this malware

On July 29, 2025, the Cybersecurity & Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation, Canadian Centre for Cyber Security, Royal Canadian Mounted Police, the Australian Cyber Security Centre’s Australian Signals Directorate, and the Australian Federal Police and National Cyber Security Centre, issued an updated advisory on threat actor Scattered Spider, which

On July 22, 2025, the National Institute of Standards and Technology (NIST) issued proposed updates to NIST SP 800-53 Controls on Secure and Reliable Patches designed to “address software resiliency, developer testing, secure logging, least privilege for functions and tools, deployment management of updates, software integrity and validation, delineation of roles and responsibilities between organizations

Microsoft has confirmed that vulnerabilities in its on-premises SharePoint Server installations, a network spoofing vulnerability (CVE-202549706), and a remote code execution vulnerability (CVE-2025-49704) are being actively exploited despite releasing an emergency patch on July 20, 2025. The vulnerabilities allow threat actors to “execute code remotely, bypass identity protections such as multi-factor authentication and access system

If you own an electric vehicle, keep an eye on cybersecurity issues that may affect your car and its accessories. You wouldn’t think that an electric vehicle charger could include a vulnerability that allows threat actors to access information, but the Cybersecurity & Infrastructure Security Agency (CISA) issued an Alert on July 15, 2025, warning