Mar-251132.c1.v1 exploitation of sharepoint vulnerabilities of osvmhdfl.dll

Intel Name: Mar-251132.c1.v1 exploitation of sharepoint vulnerabilities of osvmhdfl.dll

Date of Scan: August 7, 2025

Impact: High

Summary:
Tracks ToolShell exploitation activity targeting SharePoint servers, including updated IOCs linked to CVE-2025-49704, CVE-2025-49706, CVE-2025-53770, and CVE-2025-53771. Observed threat actors: Linen Typhoon, Violet Typhoon, and Storm-2603.

More Details