News

What to know about ToolShell, the SharePoint threat under mass exploitation

The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The ...

SharePoint vulnerability with 9.8 severity rating under exploit across globe

The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 10. It gives unauthenticated ...

Microsoft SharePoint attack: Officials issue warning about 'active exploitation'

Federal cybersecurity officials have issued a warning to Microsoft users about a security flaw allowing hackers to access to ...

Microsoft says Chinese hacking groups exploited SharePoint vulnerability in attacks

Two Chinese nation-state actors and one China-based threat actor have tried to exploit the vulnerability for weeks, Microsoft ...

Microsoft SharePoint under 'active exploitation,' Homeland Security's CISA says

Eye Security, a cybersecurity firm, says it "identified active large-scale exploitation" of the new vulnerability "being used ...
CPO Magazine11h

Microsoft Releases Emergency Updates Amid Active Exploitation of SharePoint Zero-Day Vulnerability Chain

Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code ...
PCMag on MSN4d

Mass Exploitation: Hackers Hit Zero-Day Flaw in Microsoft's SharePoint

The newly discovered flaw in Microsoft's SharePoint software has allowed hackers to target dozens of companies and ...
Microsoft4d

Disrupting active exploitation of on-premises SharePoint vulnerabilities

Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities ...
The Financial Express55m

Microsoft investigates if Chinese hackers exploited SharePoint flaws through early alert leak: Report

In a blog post on Tuesday, Microsoft said two allegedly Chinese hacking groups, dubbed "Linen Typhoon" and "Violet Typhoon," ...
Redmondmag.com4d

SharePoint Zero Day Vulnerability Exploited in Government System Breaches

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert Sunday detailing active exploitation of a ...
The Hacker News1d

Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems

Storm-2603 exploits SharePoint flaws to deploy Warlock ransomware, affecting 400+ victims. Microsoft urges mitigation.
The Hacker News2d

CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks

CISA flags Microsoft SharePoint flaws under active attack by Chinese hackers. U.S. agencies must patch by July 23 ...