Privileged Path Hijack: Eye Security Exposes Root-Level Vulnerability in Copilot Enterprise
SummaryOn April 18, 2025, Eye Security researchers identified a critical privilege escalation issue in Microsoft Copilot Enterprise’s live Python sandbox…
Security
That Time Tom Lehrer Pranked the NSA
Bluesky thread. Here’s the paper, from 1957. Note reference 3.
Virtual Environments Under Fire: Fire Ant Campaign Breaches VMware Systems
A threat actor, codenamed Fire Ant, has targeted virtualization and networking infrastructure as part of a prolonged cyber-espionage campaign uncovered…
Microsoft SharePoint Zero-Day
Chinese hackers are exploiting a high-severity vulnerability in Microsoft SharePoint to steal data worldwide: The vulnerability, tracked as CVE-2025-53770, carries…
Weekly Update 462
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite…
What You Can’t See Will Breach You
Why Continuous Visibility Is the Core of Modern Prevention In cybersecurity, visibility is everything. And yet, most organizations operate in…
SharePoint under fire: ToolShell attacks hit organizations worldwide
The ToolShell bugs are being exploited by cybercriminals and APT groups alike, with the US on the receiving end of…
Friday Squid Blogging: Stable Quasi-Isodynamic Designs
Yet another SQUID acronym: “Stable Quasi-Isodynamic Design.” It’s a stellarator for a fusion nuclear power plant.
ToolShell: Remote Code Execution in Microsoft SharePoint (CVE-2025-53770)
On July 19, 2025, a critical remote code execution (RCE) vulnerability (CVE-2025-53770, also referred to as ToolShell) was publicly disclosed,…
Hackers Weaponize SharePoint 0-Day: Widespread Exploitation Ongoing
A critical zero-day vulnerability chain, called “ToolShell,” is actively exploited in Microsoft SharePoint Server on-premises environments. This sophisticated attack vector…