URGENT – Microsoft Issues Patch for SharePoint Zero-Day Exploited in Ongoing Cyberattacks

THN Daily Updates WEBINAR -- 2025 CIAM Trends Report - Navigating Customer Identity in the AI Era Where AI meets identity--trust becomes your greatest asset. Learn how to protect it, earn it, and scale it. Download Now Sponsored LATEST NEWS Jul 21, 2025 Assessing the Role of AI in Zero Trust By 2025, Zero Trust has evolved from a conceptual framework into an essential pillar of modern security. No longer merely theoretical, it's now a requirement that organizations must adopt. A robust, defensible architect... Read More PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to downgrade Fast IDentity Online (FIDO) key protections by deceiving users into approving authentication requests from spoofed... Read More All Eyes on Las Vegas Cyber pros converge Sept. 22–27 to train with SANS and gain skills you can use on Monday. Read More Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also disclosed details of another vulnerability that it said has been addressed with "more robust protections." The... Read More Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access Hewlett-Packard Enterprise (HPE) has released security updates to address a critical security flaw affecting Instant On Access Points that could allow an attacker to bypass authentication and gain administrative access ... Read More How to 'Go Passwordless' Without Getting Rid of Passwords Most breaches in 2025 stemmed from human error. Passwords remain risky—experts push for secure alternatives. Read More 3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics A new attack campaign has compromised more than 3,500 websites worldwide with JavaScript cryptocurrency miners, marking the return of browser-based cryptojacking attacks once popularized by the likes of CoinHive. ... Read More EncryptHub Targets Web3 Developers Using Fake AI Platforms to Deploy Fickle Stealer Malware The financially motivated threat actor known as EncryptHub (aka LARVA-208 and Water Gamayun) has been attributed to a new campaign that's targeting Web3 developers to infect them with information stealer malware. "LARVA... Read More WEBINAR -- 2025 CIAM Trends Report - Navigating Customer Identity in the AI Era Where AI meets identity--trust becomes your greatest asset. Learn how to protect it, earn it, and scale it. Download Now Sponsored This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi