Microsoft has pointed the finger at three Chinese nation-state actors for exploiting the SharePoint vulnerabilities. Here's what we know about the security flaws and how to guard against future ...

A U.S. nuclear agency was among the victims of the SharePoint vulnerability chain, which was exploited to compromise over 54 ...

Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code ...

Hackers have been exploiting two zero-day vulnerabilities in on-premises installations of Microsoft SharePoint to gain remote ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in an alert, said it's aware of active exploitation of CVE-2025-53770, which enables unauthenticated access to SharePoint systems and ...

Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.

A total of 396 compromised Microsoft SharePoint systems have been identified globally, affecting 145 organizations across 41 ...

Microsoft also has issued a patch for a related SharePoint vulnerability — CVE-2025-53771; Microsoft says there are no signs ...

The newly discovered flaw in Microsoft's SharePoint software has allowed hackers to target dozens of companies and organizations. Only a partial fix has been issued.

Critical zero-day vulnerabilities in Microsoft SharePoint, tracked as CVE-2025-53770 and CVE-2025-53771, have been actively ...

The hackers behind the initial wave of attacks exploiting a zero-day in Microsoft SharePoint servers have so far primarily ...

CISA has mandated immediate mitigation for federal agencies, while analysts urge enterprises to accelerate cloud migration ...