Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks
BleepingComputer·60-word summary·1 min read
Over 1,300 Microsoft SharePoint servers remain unpatched against a spoofing vulnerability exploited as a zero-day. The vulnerability, which is still being actively exploited, leaves these servers vulnerable to spoofing attacks. Microsoft has not yet issued a complete fix, raising ongoing security concerns for organizations relying on SharePoint. The issue highlights the importance of timely patching and security updates.
Volo Protocol on the Sui blockchain lost $3.5 million in a security breach on April 21, 2026, due to a compromised vault admin private key. The exploit affected three vaults and prevented a WBTC bridge attempt. Security firms GoPlus Security and ExVul confirmed the incident, highlighting vulnerabilities in the platform’s key management.
Aave’s deposits have dropped by $15 billion following the Kelp DAO bridge exploit, causing users to withdraw funds amid concerns over potential losses related to rsETH-linked shortfalls. The incident, which occurred in April 2026, has heightened security fears within the DeFi sector, leading to a significant decline in Aave’s supplied balance and increased caution among investors.
A new supply chain attack in the npm ecosystem has emerged, targeting developer credentials and spreading through compromised package accounts. The attack self-propagates by stealing authentication tokens, posing a significant security threat to developers and projects relying on npm packages. The incident highlights ongoing vulnerabilities in software supply chains and the need for enhanced security measures.
Solana's price neared $90 again on April 22, marking its eighth attempt to break resistance amid heightened market volatility. The crypto sector has experienced multiple exploits this month, including the KelpDAO breach and RAVE price crash, which have increased trader caution. Despite these security concerns, Solana quickly rebounded from local support, reflecting ongoing resilience in a turbulent market.
North Korea-linked hackers stole over $578 million in April, following the Kelp DAO exploit. The theft highlights ongoing security threats across various protocols, companies, and users. The incident underscores the increasing scale of state-sponsored crypto heists, with North Korea continuing to be a major actor in the sector’s security challenges.
Microsoft Teams will soon introduce an Efficiency Mode for PCs with limited CPU and memory resources, aiming to enhance app responsiveness. The feature is part of Microsoft's efforts to optimize performance on devices with constrained hardware. The rollout date has not been specified, but the update targets users experiencing security and stability issues due to resource limitations.
