If exploited, attackers can gain full access to SharePoint content and potentially pivot to Outlook, Teams, and OneDrive.

Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft ...

CISA flags Microsoft SharePoint flaws under active attack by Chinese hackers. U.S. agencies must patch by July 23 ...

More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the ...

The active exploitation of a dangerous zero-day vulnerability chain in Microsoft SharePoint – which was disclosed over the ...

Microsoft has observed three China-based threat actors, Linen Typhoon, Violet Typhoon and Storm-2603, exploiting the ...

Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771.

Unknown threat actors are using a weaponised version of an exploit showcased at Pwn2Own Berlin in May to target SharePoint ...

An analysis by Microsoft names three different groups from China as the attackers of the latest Sharepoint vulnerability. But ...

Exploitation of the ToolShell RCE zero-day in Microsoft SharePoint continues to gather pace, with evidence emerging of ...

The term "zero-day" attack refers to when a previously unknown vulnerability is targeted. Tens of thousands of servers are ...

Microsoft also has issued a patch for a related SharePoint vulnerability — CVE-2025-53771; Microsoft says there are no signs ...