Shadowserver

Entity category: organization

BigTech Companies

29,000 Unpatched Servers Still Vulnerable to Microsoft Exchange Flaw

August 14, 2025
Microsoft logo on a dark background. Four colored squares form the iconic Windows logo.

Over 29,000 Microsoft Exchange servers remain vulnerable to CVE-2025-53786, a critical flaw allowing attackers to escalate access in hybrid cloud…

Read More »
BigTech Companies

29,000+ Unpatched Exchange Servers at Risk from Critical Flaw

August 13, 2025
Microsoft Teams logo in blue against a red and black background with streaks of light.

Thousands of Microsoft Exchange servers remain vulnerable to CVE-2025-53786, a critical flaw allowing attackers to infiltrate cloud environments and escalate…

Read More »
Business

Patch Now: CISA Warns of Actively Exploited PaperCut RCE Bug

July 30, 2025
PaperCut logo on layered pastel pink, blue, and dark blue paper against a red background.

Federal agencies and private organizations are urged to patch a critical PaperCut vulnerability (CVE-2023-2533) that allows remote code execution, with…

Read More »
BigTech Companies

Warlock ransomware exploits SharePoint flaws, warns Microsoft

July 25, 2025
Abstract digital artwork: glowing blue cubes linked by a metallic chain on a dark circuit board, suggesting data security.

A Chinese hacking group (Storm-2603) is exploiting SharePoint vulnerabilities to deploy Warlock ransomware, targeting over 420 unpatched systems using zero-day…

Read More »
Cybersecurity

1,000+ CrushFTP servers vulnerable to active hijacking attacks

July 22, 2025
CrushFTP logo on an abstract background of red and pink circuit lines.

Over 1,000 CrushFTP servers remain vulnerable to a critical flaw (CVE-2025-54309), allowing attackers to hijack admin access and steal sensitive…

Read More »
Cybersecurity

1,200+ Citrix servers vulnerable to critical auth bypass flaw

July 1, 2025
Citrix logo against a starry night sky; a lone figure shines a red light into the distance.

Over 1,200 Citrix NetScaler systems remain vulnerable to CVE-2025-5777, a severe authentication bypass flaw enabling session hijacking and MFA bypass,…

Read More »