Find notable cyber news and cases, enriched with sources, timelines, and signals.

Telecommunications company in Middle East hit by network compromise

Incident
First reported
Last updated
Happening score
H score 38
1 unique sources, 1 articles

Summary

Hide ▲

A telecommunications company in the Middle East was breached through exploitation of ToolShell / CVE-2025-53770 in Microsoft SharePoint, creating a confirmed victim-compromise event after the flaw's July 2025 patch. The same vulnerability was also used against government, academic, and finance targets across Africa, South America, the U.S., and Europe, widening the operational risk. The intrusion mattered because the attackers sought credential theft and persistent access, not just one-off access.

Related Happenings

Microsoft releases RoguePlanet Defender security update for CVE-2026-50656

Security Patch Release
H score32 First: 17.06.2026 20:36 Last: 17.06.2026 20:36 Sources 1

About this happening: **Microsoft** has released a **security update** for **CVE-2026-50656**, remediating **RoguePlanet** in the **Microsoft Malware Protection Engine (mpengine.dll)**. The flaw is a *...

Latest development: 09.07.2026 11:48

Microsoft released security updates for CVE-2026-50656, remediating the RoguePlanet privilege-escalation flaw in Microsoft Malware Protection Engine (mpengine.dll) with version 1.1.26060.3008 and additional defense-in-depth updates. Microsoft said no customer action is required to install the update.

Sitecore actively exploited zero-day vulnerability (CVE-2025-53690)

Vulnerability
H score34 First: 16.01.2026 09:18 Last: 16.01.2026 09:18 Sources 1

About this happening: **CVE-2025-53690** is a **critical Sitecore vulnerability** under **active exploitation** for **initial access**. **CISA** advised **FCEB agencies** to update **Sitecore** by **Se...

Likely Chinese Claude Code espionage campaign against roughly thirty organizations

Campaign
H score29 First: 14.11.2025 14:15 Last: 14.11.2025 14:15 Sources 1

About this happening: A **likely Chinese state-sponsored** espionage campaign used **Anthropic’s Claude Code** to automate intrusion attempts against about **thirty organizations**, increasing scale an...

Microsoft SharePoint ToolShell (CVE-2025-53770) widespread exploitation

Exploitation Wave
H score42 First: 22.10.2025 13:24 Last: 22.10.2025 13:24 Sources 1

How related: Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company in the Middle East after it was publicly disclosed and patched in July 2025.

About this happening: **CVE-2025-53770** exploitation against **Microsoft SharePoint on-premise servers** expanded into a **multi-region wave** affecting government, university, telecom, and finance ta...

Latest development: 22.10.2025 15:56

After the **July 2025 patch**, China-linked actors began abusing **ToolShell / CVE-2025-53770** against **Microsoft SharePoint** servers, starting with a **telecommunications company in the Middle East** and then broader regional targets.

Microsoft SharePoint ToolShell actively exploited zero-day (CVE-2025-53770)

Vulnerability
H score42 First: 22.10.2025 13:24 Last: 22.10.2025 13:24 Sources 1

About this happening: **CVE-2025-53770 ToolShell** is an **actively exploited zero-day** in **Microsoft SharePoint on-premise servers**, exposing systems to **remote unauthenticated code execution** an...

Timeline

  1. 22.10.2025 15:56 2 articles · 8mo ago

    Telecommunications company in Middle East hit by network compromise

    Initial Disclosure

    After **July 2025** patching, attackers exploited **CVE-2025-53770** in **Microsoft SharePoint** to break into the telecom company's network and begin a wider wave of targeting.

    Show sources