The Cybersecurity and Infrastructure Security Agency (CISA) is aware of the newly disclosed high-severity vulnerability, CVE-2025-53786, that allows a cyber threat actor with administrative access to an on-premise Microsoft Exchange server to escalate privileges by exploiting...
The Cybersecurity and Infrastructure Security Agency (CISA) published a Malware Analysis Report (MAR) with analysis and associated detection signatures on files related to Microsoft SharePoint vulnerabilities. Cyber threat actors have chained CVE-2025-49704 and CVE-2025-49706.
Over the last several months, security researchers have observed threat actors targeting Microsoft 365 (M365) accounts in phishing campaigns that bypass security controls. The technique allows threat actors to spoof internal M365 users and deliver emails using Microsoft Exchange...
The Cybersecurity and Infrastructure Security Agency (CISA) released an updated Alert to reflect newly released information from Microsoft, and to correct the actively exploited Common Vulnerabilities and Exposures (CVEs), which have been confirmed as CVE-2025-49706.
Multiple Vulnerabilities have been discovered in Microsoft SharePoint Server, which could allow for remote code execution. Microsoft SharePoint Server is a web-based collaborative platform that integrates with Microsoft Office. Successful exploitation of these vulnerabilities
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs...
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, delete data...
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete...
Over the past several weeks, the NJCCIC received reports of unauthorized account access facilitated by phishing campaigns. While the targeted accounts varied, the images in this post originate from a campaign that aims to access users' Microsoft 365 accounts.
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change...
