Order byBest matchMost fresh
SecurityWeek3h
ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets
More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities.
Update: New version of Sharepoint 2016 fixes toolshell vulnerability
Microsoft is following up and is also releasing a patch for the 2016 edition of Sharepoint. Admins should install this immediately.
htxt2h
On-prem SharePoint servers have a “potent and dangerous” vulnerability
A new vulnerability dubbed ToolShell is being used to compromise on-premise instances of Microsoft SharePoint servers. Attacks have ranged from highly targeted to opportunistic based on the value of the company operating the server.
Critical Sharepoint security vulnerability: First patches are available
Microsoft has now released a patch, but attackers were not idle over the weekend. Dozens of SharePoint installations fell victim of "ToolShell"
TweakTown1d
Hackers use Microsoft service to launch serious global attack at governments and businesses
At least 85 servers worldwide have been compromised through a Microsoft service vulnerability that has been used to achieve remote code execution.
The Hacker News2d
Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Global Organizations
The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described as a variant of CVE-2025-49706 (CVSS score: 6.3), a spoofing bug in Microsoft SharePoint Server that was addressed by the tech giant as part of its July 2025 Patch Tuesday updates.
Feedback