Sign in Subscribe

AlanKaliX

What You Need to Know About the “ToolShell”(SharePoint) Vulnerability

What You Need to Know About the “ToolShell”(SharePoint) Vulnerability

If you’re managing an on-premises SharePoint server, pay very close attention. There’s a serious cybersecurity threat, currently active and known as “ToolShell,” referred to as CVE-2025–53770 or CVE-2025–53771. This isn’t just a minor issue; it allows attackers to completely take control of your SharePoint server

The Shadow in the Stream: Hunting Adversary-in-the-Middle Phishing Attacks with KQL

The Shadow in the Stream: Hunting Adversary-in-the-Middle Phishing Attacks with KQL

Adversary-in-the-Middle (AiTM) phishing poses a significant threat to business operations, particularly in cloud-based environments such as Microsoft 365. This technique involves attackers positioning themselves between users and legitimate services to intercept credentials and session tokens, often bypassing multifactor authentication (MFA). Enterprises face heightened risks due to the integration of AiTM