News

What to know about a vulnerability being exploited on Microsoft SharePoint servers
Microsoft is issuing an emergency fix to close off a vulnerability in Microsoft’s SharePoint software that hackers have ...
Microsoft fixes SharePoint zero-day exploits used in cyberattacks and ransomware - how to patch them
Microsoft has pointed the finger at three Chinese nation-state actors for exploiting the SharePoint vulnerabilities. Here's what we know about the security flaws and how to guard against future ...
Microsoft SharePoint zero-day exploited in RCE attacks, no patch available
Critical zero-day vulnerabilities in Microsoft SharePoint, tracked as CVE-2025-53770 and CVE-2025-53771, have been actively ...
The Hacker News8d
Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in an alert, said it's aware of active exploitation of ...
New zero-day bug in Microsoft SharePoint under widespread attack
Security researchers say Microsoft customers should take immediate action to defend against the ongoing cyberattacks, and ...
Krebs on Security7d
Microsoft Fix Targets Attacks on SharePoint Zero-Day
Microsoft also has issued a patch for a related SharePoint vulnerability — CVE-2025-53771; Microsoft says there are no signs ...
CPO Magazine3d
Microsoft Releases Emergency Updates Amid Active Exploitation of SharePoint Zero-Day Vulnerability Chain
Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code ...
SecurityWeek7d
ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets
More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the ...
Microsoft knew of SharePoint security flaw but failed to effectively patch it, timeline shows
A security patch Microsoft (MSFT.O), opens new tab released this month failed to fully fix a critical flaw in the U.S. tech ...