Skip to main content
JS
Jacob Santos

Jacob Santos

Threat Hunter, Researcher and Builder

Sr. Threat Researcher | Trend AI
17
Articles
14
Threads
10+
Tools
10+
Talks
Experience
Proactive Security for CVE-2025-53770 and CVE-2025-53771 SharePoint Attacks
Trend AI Research Blog Jul 2025

Proactive Security for CVE-2025-53770 and CVE-2025-53771 SharePoint Attacks

Defense EvasionRed Team Tools

CVE-2025-53770 and CVE-2025-53771 are vulnerabilities in on-premise Microsoft SharePoint Servers that evolved from previously patched flaws, enabling unauthenticated remote code execution through advanced exploitation chains. This research provides proactive security insights including detailed technical analysis of the vulnerability mechanics, proof-of-concept walkthrough, and practical detection and mitigation strategies for defenders. The article emphasizes the importance of patch management for internet-facing collaboration platforms.

Read Full Article Back to Research

Related Research

Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques

Discovered Agenda ransomware deploying Linux variants on Windows systems via remote management tools and BYOVD techniques for cross-platform evasion.

RansomwareCross-Platform

Agenda Ransomware Group Adds SmokeLoader and NETXLOADER to Their Arsenal

Uncovered Agenda ransomware group adopting SmokeLoader and a new loader named NETXLOADER for improved delivery and evasion.

RansomwareDefense Evasion

Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518

Documented Cerber ransomware operators rapidly weaponizing CVE-2023-22518 in Atlassian Confluence for initial access and encryption deployment.

RansomwareDefense Evasion

Silent Threat: Red Team Tool EDRSilencer Disrupting Endpoint Security Solutions

First to document EDRSilencer weaponized in the wild — a red team tool using Windows Filtering Platform to blind EDR solutions.

Red Team ToolsEDR Evasion