In July 2025, a widely exploited zero-day vulnerability, CVE-2025-53770 & 53771, named ToolShell, hit on-premises Microsoft SharePoint Server systems, triggering a large-scale compromise. The ToolShell exploit gave attackers unauthenticated remote code execution in on‑premises SharePoint by chaining a spoofed Referer ... Read More The post When Static Trust Becomes a Backdoor: Lessons from the 2025 SharePoint ToolShell Exploit appeared first on SecureW2.
