SharePoint Zero-Day Exploitation

News

Microsoft’s SharePoint Patch Failed To Stop Attacks

Mass Exploitation: Hackers Hit Zero-Day Flaw in Microsoft's SharePoint

The newly discovered flaw in Microsoft's SharePoint software has allowed hackers to target dozens of companies and organizations. Only a partial fix has been issued.

CSO Online · 16h

Microsoft’s incomplete SharePoint patch led to global exploits by China-linked hackers

A July 8 fix for a critical SharePoint zero-day failed to stop active exploitation, enabling state-backed attackers to breach nearly 100 organizations worldwide.

Bleeping Computer · 4d

Microsoft SharePoint zero-day exploited in RCE attacks, no patch available

Critical zero-day vulnerabilities in Microsoft SharePoint, tracked as CVE-2025-53770 and CVE-2025-53771, have been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide.

SecurityWeek18h

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.

What to know about ToolShell, the SharePoint threat under mass exploitation

The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The ...

The Hacker News4d

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in an alert, said it's aware of active exploitation of ...

17h

Microsoft fixes SharePoint zero-day exploits used in cyberattacks and ransomware - how to patch them

Microsoft has pointed the finger at three Chinese nation-state actors for exploiting the SharePoint vulnerabilities. Here's what we know about the security flaws and how to guard against future ...

Results that may be inaccessible to you are currently showing.

Hide inaccessible results