Bleeping Computer

New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint

A newly uncovered ClickFix phishing campaign is tricking victims into executing malicious PowerShell commands that deploy the Havok post-exploitation framework for remote access to compromised devices ...
Bleeping Computer

Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks

Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in "ToolShell" ...