News

What to know about ToolShell, the SharePoint threat under mass exploitation
The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The ...
Microsoft5d
Disrupting active exploitation of on-premises SharePoint vulnerabilities
Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities ...
CPO Magazine1d
Microsoft Releases Emergency Updates Amid Active Exploitation of SharePoint Zero-Day Vulnerability Chain
Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code ...
SharePoint vulnerability with 9.8 severity rating under exploit across globe
The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 10. It gives unauthenticated ...
Microsoft probing if Chinese hackers learned SharePoint flaws through alert, Bloomberg News reports
A security patch Microsoft released this month failed to fully fix a critical flaw in the U.S. tech giant's SharePoint server ...
Microsoft SharePoint attack: Officials issue warning about 'active exploitation'
Federal cybersecurity officials have issued a warning to Microsoft users about a security flaw allowing hackers to access to ...
Microsoft SharePoint Hackers Switch Gears to Spread Ransomware
Threat actors exploit SharePoint flaws to access internal systems, steal sensitive data, and carry out surveillance, ...
Federal News Network4d
Agencies face tight deadline to mitigate SharePoint vulnerability
CISA gave agencies until the end of the day on Monday to mitigate a severe zero-day vulnerability in Microsoft's widely used ...
Government Technology3d
As SharePoint Exploit Emerged, State Cyber Teams Mobilized
State CISOs in North Carolina and Arizona said their teams began work immediately to ensure on-prem SharePoint systems were ...
Microsoft Put Older Versions of SharePoint on Life Support. Hackers Are Taking Advantage
Multiple hacking groups—including state actors from China—have targeted a vulnerability in older, on-premises versions of the ...
The Hacker News4d
Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access
Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.
Microsoft SharePoint under 'active exploitation,' Homeland Security's CISA says
Eye Security, a cybersecurity firm, says it "identified active large-scale exploitation" of the new vulnerability "being used ...