Cyber Security Headlines Sharepoint hack linked to Chinese groups, NGOs targeted with phishing tactics, engineer admits US missile theft
5 snips
Jul 23, 2025 Chinese hackers are implicated in a series of Sharepoint ToolShell attacks, raising concerns about state-sponsored cyber threats. Meanwhile, Russian threat actors are targeting NGOs with clever OAuth phishing tactics, putting sensitive data at risk. In a shocking twist, a Silicon Valley engineer has confessed to stealing US missile technology secrets. The discussions shed light on the complexities of current cybersecurity dangers and underscore the importance of robust security measures.
AI Snips
Chapters
Transcript
Episode notes
Chinese Groups Exploit SharePoint Zero-Day
- Microsoft attributed SharePoint ToolShell zero-day attacks to Chinese state-linked hacking groups.
- These attacks target on-premise SharePoint servers across sectors, with active exploitation ongoing.
Russian OAuth Phishing Tactics Uncovered
- Russian hackers use OAuth phishing campaigns targeting NGOs and Ukraine-related people.
- They exploit Microsoft 365 login flows to bypass traditional defenses using legitimate tools.
Engineer Admits US Missile Tech Theft
- Engineer Cheng Wang Gong stole over 3,600 secret files from US firms, including missile tech.
- FBI discovered this during a post-employment audit, leading to serious charges.