CVE-2025-53770 & CVE-2025-53771: Critical On-Prem SharePoint Vulnerabilities
Two critical vulnerabilities, tracked as CVE-2025-53770 and CVE-2025-53771, have been discovered in on-premise Microsoft SharePoint.
Sandworm is a strain of malware, used in Russian cyber-espionage campaign targeting NATO, European Union, Telecommunications and Energy sectors in 2014.
The attack relies on a zero day vulnerability in Windows known as CVE-2014-4114, patched in Bulletin MS14-060 of Microsoft’s October 2014 Patch Tuesday.
The name is rather dramatically borrowed from the famous 1960s science fiction epic Dune, where it refers to a sort of worm-like creature, hundreds or even thousands of metres long and as good as indestructible except with nuclear weapons.
Lital is a Marketing Team Leader, Storyteller, Technology Marketing Expert. She joined Cybereason as the first marketing hire and built a full marketing department. Specializing in brand building, product marketing, communication and content. Passionate about building ROI-driven marketing teams.
Two critical vulnerabilities, tracked as CVE-2025-53770 and CVE-2025-53771, have been discovered in on-premise Microsoft SharePoint.
Email extortion campaign by threat actor group CL0P targets e-business suite users under CVE-2025-61882