Ep. 4: ToolShell in the Wild: SharePoint Zero-Day CVE-2025-53770 Explained

21/07/2025 10 min Episode 4

Episode Synopsis

In this urgent Cyber Resilience Brief, host Tova Dvorin is joined by SafeBreach experts Adrian Culley and Tomer Bar to break down CVE-2025-53770, a critical zero-day vulnerability actively exploited in Microsoft SharePoint Server. Known as part of the ToolShell attack chain, this deserialization flaw allows unauthenticated remote code execution and persistence — and it’s already being used in the wild.
We discuss:

- What makes this vulnerability so dangerous (hint: there's no patch for SharePoint 2016 yet)
- Why Microsoft is advising customers to assume breach
- How SafeBreach Labs responded within 24 hours with new BAS coverage
- Specific indicators of compromise (IoCs) and mitigation advice
- Why this attack demands urgent attention from security teams and CISOs alike

Whether you're a SafeBreach customer or just trying to stay ahead of emerging threats, this episode delivers the critical insights you need — fast.
🔗 For more information on today's CVE, check out our post on the SafeBreach blog. 
