Zero-day exploits continue to pose a significant cybersecurity threat, with the recent discovery of the ToolShell (CVE-2025-53770) zero-day targeting over 17,000 Microsoft SharePoint servers. Meanwhile, Russian state-backed group Secret Blizzard is conducting a cyberespionage campaign targeting diplomats and embassies in Moscow using AiTM tactics and custom malware ApolloShadow. Adding to the threat landscape, a novel ‘Man-in-the-Prompt’ attack is exploiting browser extensions to manipulate both public and internal LLMs, risking exposure of sensitive data. Read on for the latest developments in cybersecurity.