Subscribe
Monday, April 27, 2026
type here...
Subscribe
HomeVulnerabilities

Vulnerabilities

Chinese Hackers Exploit SharePoint Zero-Day Vulnerabilities, CISA Issues Urgent Warning

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding active exploitation of critical SharePoint vulnerabilities by Chinese nation-state actors, prompting immediate action from organizations running on-premises SharePoint servers. Microsoft Security Response Center confirmed that threat actors are actively exploiting a...
Read more

Critical Chrome Vulnerabilities Could Let Hackers Run Arbitrary Code

Google has released critical security updates for Chrome browser versions 138.0.7204.168/.169 across multiple platforms, addressing several high-severity vulnerabilities that could potentially allow attackers to execute arbitrary code on affected systems. The update, currently rolling out to Windows, Mac, and Linux users over the coming...
Read more

Microsoft SharePoint Code Injection and Authentication Vulnerabilities Actively Exploited, CISA Issues Warning

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft SharePoint vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning organizations that the security vulnerability is being actively exploited by threat actors in the wild. The vulnerability, tracked as CVE-2025-49706, represents a...
Read more

Chinese Hackers Exploit New SharePoint 0-Day Vulnerabilities in Active Attacks

A urgent guidance on July 19, 2025, warning of active attacks targeting on-premises SharePoint servers by Chinese nation-state actors exploiting critical vulnerabilities CVE-2025-53770 and CVE-2025-53771. The company has observed multiple threat groups, including Linen Typhoon, Violet Typhoon, and Storm-2603, conducting sophisticated attacks against internet-facing...
Read more

Surveillance Firm Exploits SS7 Vulnerabilities to Track User Locations

A sophisticated new SS7 bypass attack that enables surveillance companies to circumvent mobile network security defenses and illegally track user locations. The attack exploits a little-known encoding technique in the SS7 protocol's TCAP layer, effectively hiding subscriber identity information from security systems designed to...
Read more

Critical Vulnerabilities in Sophos Intercept X for Windows Allow Arbitrary Code Execution

Sophos has disclosed three high-severity security vulnerabilities in its Intercept X for Windows endpoint protection software that could allow local attackers to gain system-level privileges and execute arbitrary code. The cybersecurity company released patches for all three vulnerabilities on July 17, 2025, following responsible...
Read more

About us

The Cyber News is an online community for security professionals. It features articles from top security researchers, CISOs, and technology experts.

Company

The latest

Burp Suite Supercharges Its Scanning Capabilities With React2Shell Vulnerability Detection

Vulnerabilities 0
PortSwigger has leveled up Burp Suite's scanning arsenal with...

Malicious MCP Servers Enable New Prompt Injection Attack To Drain Resources

Vulnerabilities 0
Unit 42 researchers at Palo Alto Networks exposed serious...

Law Enforcement Detains Hackers Equipped With Specialized Flipper Hacking Tools

Cyber News 0
Polish police have arrested three Ukrainian men traveling through...

Subscribe

© 2025 the Cyber News