News
Microsoft Releases Emergency Updates Amid Active Exploitation of SharePoint Zero-Day Vulnerability Chain
Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code execution on SharePoint, resulting in the exploitation of at least 54 organizations worldwide.
Microsoft SharePoint zero-day exploited in RCE attacks, no patch available
Critical zero-day vulnerabilities in Microsoft SharePoint, tracked as CVE-2025-53770 and CVE-2025-53771, have been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide.
The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The ...
More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.
The Register on MSN4h
Blame a leak for Microsoft SharePoint attacks, researcher insists
MAPP program to blame? A week after Microsoft told the world that its July software updates didn't fully fix a couple of bugs ...
The hackers behind the initial wave of attacks exploiting a zero-day in Microsoft SharePoint servers have so far primarily ...
Microsoft also has issued a patch for a related SharePoint vulnerability — CVE-2025-53771; Microsoft says there are no signs ...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert Sunday detailing active exploitation of a ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback