SharePoint HACKED?!?

A critical 0-day is hitting on-prem SharePoint servers, combining CVE-2025-53770 and CVE-2025-53771 for full unauthenticated RCE. In this video, Tib3rius explains how the attack was discovered, how it works, and what sysadmins need to do to protect their servers. Ends with a demo showing the exploit in action. Bleeping Computer article: https://www.bleepingcomputer.com/news/security/us-nuclear-weapons-agency-hacked-in-microsoft-sharepoint-attacks/ Microsoft Customer Guidance: https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/ Microsoft CVE-2025-53770: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53770 Microsoft CVE-2025-53771: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53771 eye.security blog post: https://research.eye.security/sharepoint-under-siege/ Metasploit Module: https://github.com/rapid7/metasploit-framework/pull/20409 X: https://x.com/0xTib3rius Bluesky: https://bsky.app/profile/tib3rius.bsky.social Twitch: https://www.twitch.tv/0xTib3rius InfoSec Exchange: https://infosec.exchange/@tib3rius LinkedIn: https://www.linkedin.com/in/tib3rius Courses: https://courses.tib3rius.com Udemy: https://www.udemy.com/user/tib3rius Discord: https://discord.com/invite/4qrvKMh TikTok: https://tiktok.com/@0xtib3rius Instagram: https://www.instagram.com/0xtib3rius Threads: https://www.threads.net/@0xtib3rius Facebook: https://www.facebook.com/0xTib3rius