#233 - Intel Chat: SharePoint, ToolShell, UK bans payment & cryptojacking

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

• A critical new SharePoint vulnerability is under mass exploitation, with attackers targeting on-premises SharePoint Server deployments to exfiltrate sensitive data, including authentication tokens.
• And then directly related to the first story, Microsoft has now confirmed that at least three China-linked threat actors—Linen Typhoon, Violet Typhoon, and Storm-2603—were actively exploiting CVE-2025-49706 and CVE-2025-49704 a day before the company issued patches on July 8.
• The UK government announced on July 22, 2025, that it plans to make ransomware payments illegal for public sector bodies and operators of critical national infrastructure (CNI).
• In-browser cryptocurrency mining, often called crypto jacking, originally gained notoriety in 2017 when Coinhive introduced JavaScript-based mining for Monero.