SharePoint RCE Active Exploitation π οΈ, Cursor Zero-Click RCE π₯, NetNut Proxy Disrupted π
TLDR InfoSec
Retained excerpt
CISA added CVE-2026-45659 (CVSS 8.8), a RCE in SharePoint Server Subscription Edition π ATTACKS & VULNERABILITIES SHAREPOINT RCE CVE-2026-45659 ADDED TO CISA KEV AFTER ACTIVE EXPLOITATION (3 MINUTE READ) CISA added CVE-2026-45659 (CVSS 8.8), a RCE in SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016, to its KEV catalog after confirming active exploitation, though Microsoft rates exploitation as "less likely" and the threat actor remains unidentified. Any authenticated attacker with only Site Member permissions could trigger the flaw for remote code execution, no elevated privileges required. Microsoft patched the issue in May. FCEB agencies were ordered to remediate by July 4. Defenders elsewhere should prioritize patching and audit for anomalous authenticated activity on internet-facing SharePoint servers. PACEMAKER MANUFACTURER MEDTRONIC WARNS PATIENTS CYBERCROOKS MAY HAVE SWIPED HEALTH DATA (3 MINUTE READ) Medtronic foundβ¦
This limited excerpt is retained to explain the source trail. Rights remain with the original publisher.