Bleeping Computer

Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks

Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in "ToolShell" ...
Krebs on Security

Microsoft Fix Targets Attacks on SharePoint Zero-Day

On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch ...
Bloomberg L.P.

Microsoft Says Chinese Hackers Exploiting SharePoint Flaws

Microsoft Corp. accused Chinese state-sponsored hackers of using flaws in its SharePoint document management software in a hacking campaign that has targeted businesses and government agencies around ...
Reuters

More than 90 state, local governments targeted using Microsoft SharePoint vulnerability, group says

July 30 (Reuters) - More than 90 state and local governments have been targeted using the recently revealed vulnerability in Microsoft server software, according to a U.S. group devoted to helping ...
Windows Central

"We’re witnessing an urgent and active threat" — Microsoft SharePoint "ToolShell" vulnerability is being attacked globally

Global attacks forced Microsoft to push emergency updates to address vulnerabilities. Two zero-day vulnerabilities are at the center of attacks against United States federal and state agencies, ...
Reuters

Microsoft says some SharePoint server hackers now using ransomware

WASHINGTON, July 23 (Reuters) - A cyber-espionage campaign centered on vulnerable versions of Microsoft's (MSFT.O), opens new tab server software now involves the deployment of ransomware, Microsoft ...