Hackers were spotted exploiting a critical SAP NetWeaver vulnerability tracked as CVE-2025-31324 to deploy the Auto-Color Linux malware in a cyberattack on a U.S.-based chemicals company.

Unidentified hackers recently compromised a major intelligence website used by the CIA and other agencies to submit details of sensitive contracts, according to the National Reconnaissance Office, the spy satellite service that runs the site.

Hackers in recent weeks have exploited flaws in SharePoint, a document management system developed by Microsoft Corp., to try to steal sensitive data from hundreds of victims.

Chinese hackers breached the U.S. National Nuclear Security Administration through Microsoft SharePoint, with the Energy Department confirming no sensitive information was stolen.

Passwords, cryptocurrency keys, private messaging tokens, browser session data and more are open to any hacker willing to pay just $30 a month.

A program to share information with cybersecurity companies may have exposed unpatched flaws in the company’s SharePoint service.

The company said state-backed hacking groups were breaching systems through flaws in SharePoint, which is used by the U.S. government and companies around the world.

The infamous ScatteredSpider ransomware group is using VMware instances to target critical infrastructure organizations in the US, researchers have warned. Security researchers from Google Threat Intelligence Group (GITG) have found the criminals are targeting critical infrastructure firms, but also retail, airline, and insurance industries.