
Weekly Digest Week 43 – 2025

Publication date

24.10.2025


Featured Story

High-severity Windows SMB flaw now exploited in attacks

Summary

The Cybersecurity and Infrastructure Security Agency (CISA) says threat actors are now actively exploiting a high-severity Windows SMB privilege escalation vulnerability that can let them gain SYSTEM privileges on unpatched systems.

Tracked as CVE-2025-33073, this security flaw impacts all Windows Server and Windows 10 versions, as well as Windows 11 systems up to Windows 11 24H2.

Microsoft patched the vulnerability during the June 2025 Patch Tuesday.

Analysis from our SOC team: This SMB vulnerability is critical due to its ease of exploitation and potential for lateral movement. Attackers with domain access can trivially achieve SYSTEM privileges on machines not enforcing SMB signing. Organizations should immediately verify June 2025 patches are deployed across all Windows endpoints and servers.
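As an added example (not part of the original digest), the following PowerShell audit checks a single Windows host for the two conditions the SOC note above calls out: whether SMB signing is required, and whether any update has been installed since the June 2025 Patch Tuesday. It assumes 10 June 2025 as that date and, because the digest does not name the KB articles, uses installation date as a heuristic rather than looking for a specific update.

```powershell
# Added example, not code from the Approach digest. Run in an elevated session.
# Assumption: 10 June 2025 (June 2025 Patch Tuesday) is used as a cutoff; the
# page does not list KB numbers, so no named update is checked.
$PatchTuesday = [datetime]'2025-06-10'
$findings = New-Object System.Collections.Generic.List[string]

# 1. Server side: the exposed case is a host that accepts unsigned inbound SMB.
$srv = Get-SmbServerConfiguration
if (-not $srv.RequireSecuritySignature) {
    $findings.Add('SMB server does not require signing (RequireSecuritySignature = False)')
}

# 2. Client side: the host should not make unsigned outbound SMB connections either.
$cli = Get-SmbClientConfiguration
if (-not $cli.RequireSecuritySignature) {
    $findings.Add('SMB client does not require signing (RequireSecuritySignature = False)')
}

# 3. Registry values behind the Group Policy settings, so a mismatch between
#    effective state and policy is visible in the same report.
$regChecks = @{
    'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'      = 'server'
    'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters' = 'client'
}
foreach ($path in $regChecks.Keys) {
    $val = (Get-ItemProperty -Path $path -Name RequireSecuritySignature `
            -ErrorAction SilentlyContinue).RequireSecuritySignature
    if ($val -ne 1) {
        $findings.Add("Registry: $($regChecks[$path]) RequireSecuritySignature is '$val' under $path")
    }
}

# 4. Patch heuristic: any update installed on or after the June 2025 Patch Tuesday?
$recent = Get-HotFix | Where-Object { $_.InstalledOn -and $_.InstalledOn -ge $PatchTuesday }
if (-not $recent) {
    $findings.Add("No updates installed since $($PatchTuesday.ToShortDateString()); June 2025 update likely missing")
}

$os = Get-CimInstance Win32_OperatingSystem
"Host: $env:COMPUTERNAME  OS: $($os.Caption) build $($os.BuildNumber)"
if ($findings.Count -eq 0) {
    'OK: SMB signing required on server and client; updates installed since June 2025 Patch Tuesday'
} else {
    $findings | ForEach-Object { "FINDING: $_" }
}
```

A clean result here does not prove the host is patched for CVE-2025-33073; confirm the specific June 2025 update against Microsoft's advisory in your patch management tooling.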

Other News

AWS outage crashes Amazon, Prime Video, Fortnite, Perplexity and more

Summary

An AWS outage took down millions of websites, including Amazon.com, Prime Video, Perplexity AI, and Canva, affecting consumers globally across the United States and Europe.

According to the AWS Health dashboard, Amazon confirmed increased error rates and latencies for multiple AWS services in the US-EAST-1 Region. The issue also affected Case Creation via the AWS Support Center and API.

Amazon stated they are actively working to mitigate the issue and identify the root cause.

Analysis from our SOC team: This AWS outage highlights critical cloud infrastructure dependency risks. When US-EAST-1 fails, cascading impacts affect organizations globally. Organizations should review disaster recovery plans to account for cloud provider failures and implement multi-region failover mechanisms.

Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft’s July Patch

Summary

Threat actors with ties to China exploited the ToolShell vulnerability in Microsoft SharePoint to breach a telecommunications company in the Middle East, weeks after it was patched in July 2025.

Also targeted were government departments in Africa and South America, a university in the U.S., a state technology agency, and a European finance company.

The attacks exploited CVE-2025-53770, a now-patched flaw in on-premise SharePoint servers that could bypass authentication and achieve remote code execution.

Analysis from our SOC team: This campaign demonstrates the persistent targeting of unpatched SharePoint servers by Chinese APT groups even after public disclosure and patch availability. The exploitation window between July patch release and these October attacks highlights a critical patching gap. Organizations must verify all on-premise SharePoint servers are patched for CVE-2025-53770 and related bypasses.

Be wary of phishing emails sent in the name of Partenamut

Summary

Numerous reports have been received of phishing emails impersonating Partenamut, a Belgian health insurance company. The sender claims a supposed refund of €180 has been credited to the recipient’s affiliate account and requests verification via a fraudulent link.

The phishing campaign uses fake banking update links and legitimate branding to appear trustworthy. Users are advised not to click on links in suspicious messages, not to open attachments, and to forward suspicious emails to suspicious@safeonweb.be for processing.

Analysis from our SOC team: We echo the advice given in the article: never click on links in such messages; always navigate to the official website yourself.

Suspicious messages can be forwarded to any of the three email addresses from Safeonweb:

Our SOC is also available to assist if there are any doubts or suspicions about text or email messages.
