Threat Research

    MAR-251132.c1.v1 Exploitation of SharePoint Vulnerabilities of osvmhdfl.dll

    Tracks ToolShell exploitation activity targeting SharePoint servers, including updated IOCs linked to CVE-2025-49704, CVE-2025-49706, CVE-2025-53770, and CVE-2025-53771. Observed threat actors: Linen Typhoon, Violet Typhoon, and Storm-2603....
    8/7/2025  0
    Read More »

    Project AK47: Uncovering a Link to the SharePoint Vulnerability Attacks

    "Project AK47: Uncovering a Link to the SharePoint Vulnerability Attacks" details the connection between a threat activity cluster tracked as CL-CRI-1040 and recent exploitation of SharePoint vulnerabilities. This cluster deploys a toolset named Project AK47, which includes a backdoor, ransomware, and loaders....
    8/6/2025  0
    Read More »
    Looking for Something?
    Threat Research Categories:
    Tags

    Privacy & Security StatementTerms & Conditions
    Copyright © 2026 by Gurucul - All rights reserved.