News
Microsoft SharePoint zero-day exploited in RCE attacks, no patch available
Critical zero-day vulnerabilities in Microsoft SharePoint, tracked as CVE-2025-53770 and CVE-2025-53771, have been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide.
Microsoft Fix Targets Attacks on SharePoint Zero-Day
Microsoft also has issued a patch for a related SharePoint vulnerability — CVE-2025-53771; Microsoft says there are no signs of active attacks on CVE-2025-53771, and that the patch is to provide more robust protections than the update for CVE-2025-49706.
Microsoft fixes three SharePoint zero-day exploits used in series of cyberattacks - how to patch them
Microsoft has pointed the finger at three Chinese nation-state actors for exploiting the SharePoint vulnerabilities. Here's what we know about the security flaws and how to guard against future attacks.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in an alert, said it's aware of active exploitation of ...
The hackers behind the initial wave of attacks exploiting a zero-day in Microsoft SharePoint servers have so far primarily ...
More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.
Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.
Hours after Microsoft revealed hacking groups affiliated with the Chinese government have been exploiting a flaw in its ...
Microsoft has released a critical patch for a security flaw in its SharePoint software. Hackers actively exploited this ...
Chinese "threat actors" have hacked some Microsoft SharePoint servers and targeted the data of the businesses using them, the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback