Critical SharePoint updates released (CVE-2025-53770/53771). Microsoft has released security patches for SharePoint Server 2016, 2019, and Subscription Edition. Key actions:  – Apply latest updates (cumulative)  – Rotate ASP.NET machine keys  – Conduct a

Critical #SharePoint zero-day (CVE-2025-53770/53771) detected by Eye Security: On July 18, our research team uncovered mass exploitation of a SharePoint vulnerability, affecting thousands of servers worldwide. Read how it unfolded and what it means for your security:

🍦After a week of #SharePoint chaos, we needed a break. So we rooted Copilot. Turns out, with a bit of persistence (and maybe some ice cream), Microsoft's AI assistant is pretty cooperative. Dive into the technical details on our blog: 👉 research.eye.security/how-we-rooted-… #Copilot

This afternoon at Black Hat USA, our Chief Hacker Vaisha Bernard Vaisha Bernard is breaking down how attackers can abuse Entra OAuth to pivot into internal Microsoft applications. 📍 1:30 PM | South Seas A & B, Level 3 🎯 Consent & Compromise: Abusing Entra OAuth for Fun and

🚨 From curiosity to 22 internal Microsoft apps A small distraction led to finding a common Microsoft Entra ID misconfiguration, giving access to 22+ internal Microsoft services. Last week at #BlackHatUSA, Chief Hacker Vaisha Bernard Vaisha Bernard shared the full story.