Retrospective 2025 and roadmap 2026
The new year has already begun, so it’s time to look back on 2025 and list what we’ve accomplished at ONYPHE. It’s also time…
Identifying Sharepoint boxes vulnerable to ToolShell, at scale
Along with everyone else in the cybers, last weekend we watched a wave of realization hit Sharepoint admins…
Massive Exploitation of Microsoft SharePoint Server Following the Disclosure of CVE-2025-53770
2025-07-23: UPDATE: we now have a reliable detection method. Nearly 500 unique IP addresses are vulnerable, accounting for…
CVE-2025-53770 & CVE-2025-53771
CVE-2025-53770, nicknamed “ToolShell”, is a critical zero-day vulnerability in Microsoft SharePoint Server that allows unauthenticated remote code execution…
CVE-2025-32432 – 0day Craft CMS discovered by Orange Cyberdefense
Orange Cyberdefense (OCD) has discovered a critical vulnerability (CVE-2025-32432) in the Craft CMS software. OCD has approached us…
Symlink backdoor on Fortinet SSL-VPN devices
ShadowServer has discovered more than 17,000 Fortinet SSL VPNs compromised by what’s known as the symlink backdoor. We…
New critical vulnerabilities in GLPI : CVE-2025-24799 and CVE-2025-24801
Two vulnerabilities in the IT asset management tool GLPI have been published under the heading “Pre-authentication SQL injection…
CVE-2025-24799 & CVE-2025-24801
The vulnerabilities identified as CVE-2025-24799 and CVE-2025-24801 affect GLPI, an open-source IT asset management tool. These vulnerabilities allow…
LeMagIT – GLPI: 680 instances in France affected by two serious vulnerabilities
[..] The ONYPHE attack surface management platform has just added support for detecting GLPI vulnerabilities CVE-2025-24799 and CVE-2025-24801….
