Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

Critical Authentication Bypass Vulnerability in Mitel MiVoice MX-ONE

Jul 24, 2025 By Andres Ramos In Arctic Wolf
On July 23, 2025, Mitel released fixes for a critical authentication bypass vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE, a communication platform used for enterprise voice and collaboration services. The vulnerability allows unauthenticated remote threat actors to gain unauthorized access to publicly exposed Mitel voice systems and access user or administrator accounts due to improper access controls.
Read Post
cato networks

Cato CTRL Threat Brief: "ToolShell" Exploit Targeting Microsoft SharePoint Vulnerabilities

Jul 24, 2025 By Guy Waizel In Cato Networks
On July 22, 2025, Microsoft published an overview of a series of critical vulnerabilities affecting Microsoft SharePoint Server (CVE-2025-49704, CVE-2025-49706, CVE-2025-53770, and CVE-2025-53771). These vulnerabilities opened a dangerous window for threat actors to gain access to internal resources, execute code remotely, and take over SharePoint deployments.
Read Post
sumologic

SharePoint "ToolShell" zero day

Jul 24, 2025 By Paul Sheck In Sumo Logic
Hats off to the great work the community and industry has done regarding the “ToolShell” attack against Microsoft’s On-Premise SharePoint servers. The goal of this article is to build on that great work and help Sumo Logic customers with on-prem SharePoint servers investigate and identify evidence within their environments.
Read Post
veracode

Shifting from Vulnerability Management to Security Risk Prioritization with AI

Jul 24, 2025 By Natalie Tischler In Veracode
The adage ‘an ounce of prevention is better than a pound of cure’ applies to AppSec vulnerability management. Traditionally, AppSec has focused on a reactive ‘curing flaws’ paradigm, identifying and fixing vulnerabilities after they have occurred. However, the never-ending escalation between threats and security leads to alert fatigue and security debt.
Read Post
foresiet

Inside the MOVEit Breach: How Cl0p and Nam3L3ss Expose Organizations to Ongoing Cyber Threats

Jul 23, 2025 By Foresiet In Foresiet
In 2023, a critical vulnerability in MOVEit Transfer software (CVE-2023-34362) was weaponized by the Cl0p ransomware group, leading to a substantial leak of sensitive employee data from major global corporations. The flaw in MOVEit allowed attackers to bypass authentication and access secure files, resulting in a far-reaching data breach that impacted various sectors including finance, healthcare, government, and retail.
Read Post
seemplicity

Attack Surface to Action: The Power of Censys ASM + Seemplicity

Jul 23, 2025 By Megan Horner In Seemplicity
Security teams juggle a multitude of tools to keep their organizations safe. One platform scans for exposed assets, another tracks vulnerabilities, and yet another manages remediation tasks – and the list goes on. Organizations use an average of 38 different security products, leading to fragmented processes and a lot of “noise” in the form of findings. It’s no surprise that 85% of security professionals say all this noise makes it challenging to reduce risk quickly.
Read Post
indusface

CVE-2025-53770: SharePoint Zero-Day Under Active Exploitation

Jul 23, 2025 By Deepak Kumar Choudhary In Indusface
CVE-2025-53770 is a live, high-severity threat that is already being exploited across global networks. This critical vulnerability in Microsoft SharePoint Server allows unauthenticated attackers to execute arbitrary code remotely, effectively handing them the keys to your infrastructure. As of July 2025, over 85 SharePoint servers have reportedly been breached. And if your organization uses SharePoint 2016, 2019, or Subscription Edition on-premises, you could be next.
Read Post
splunk

CitrixBleed 2: When Memory Leaks Become Session Hijacks

Jul 23, 2025 By Michael Haag In Splunk
The cybersecurity community is facing yet another critical infrastructure vulnerability that threatens enterprise networks worldwide. CVE-2025-5777, dubbed "CitrixBleed 2" by security researcher Kevin Beaumont, represents a dangerous out-of-bounds memory read vulnerability in Citrix NetScaler ADC and Gateway devices. This new flaw bears an unsettling resemblance to the original CitrixBleed (CVE-2023-4966), which was widely exploited by ransomware groups and nation-state actors in 2023.
Read Post
gitguardian

SharePoint Zero-Day Exploits Highlight Hidden Secrets Risk in Document Collaboration Tools

Jul 23, 2025 By Anna Nabiullina In GitGuardian
The recent SharePoint zero-day exploits expose a critical blind spot: hardcoded secrets hidden in collaboration tools. While teams secure code repositories, API keys and credentials lurking in SharePoint documents create dangerous attack vectors for lateral movement.
Read Post

Mastering API Security Testing: Stop BOLA and the OWASP Top 10 Before Deployment

Jul 23, 2025 By Wallarm In Wallarm
APIs drive modern applications, but their increasing complexity leaves them vulnerable to attacks. How can you ensure robust API security? Join Wallarm’s webinar to discover how to tackle today’s toughest API security challenges with advanced API security testing strategies. In this webinar we will cover: Learn how Wallarm’s innovative solutions can help you identify vulnerabilities, implement reliable security measures, and streamline your API testing process. Gain actionable insights into tools, best practices, and strategies to protect your APIs effectively.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.