News

Microsoft fixes two SharePoint zero-days under attack, but one is still unresolved - how to patch
Microsoft has pointed the finger at three Chinese nation-state actors. Here's what we know, plus how to guard against future ...
New zero-day bug in Microsoft SharePoint under widespread attack
Security researchers say Microsoft customers should take immediate action to defend against the ongoing cyberattacks, and ...
Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day
The tech giants have evidence that Chinese hackers are exploiting the new bug, but warned "multiple actors" are also hacking ...
PCMag on MSN2d
Mass Exploitation: Hackers Hit Zero-Day Flaw in Microsoft's SharePoint
The newly discovered flaw in Microsoft's SharePoint software has allowed hackers to target dozens of companies and ...
SecurityWeek18h
Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch
Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell ...
Microsoft links Sharepoint ToolShell attacks to Chinese hackers
Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft ...
US nuclear weapons agency hacked in Microsoft SharePoint attacks
Unknown threat actors have breached the National Nuclear Security Administration's network in attacks exploiting a recently ...
CSO Online1d
Microsoft SharePoint zero-day breach hits on-prem servers
CISA has mandated immediate mitigation for federal agencies, while analysts urge enterprises to accelerate cloud migration ...
Computer Weekly2d
Patch ToolShell SharePoint zero-day immediately, says Microsoft
The active exploitation of a dangerous zero-day vulnerability chain in Microsoft SharePoint – which was disclosed over the ...
SecurityWeek1d
SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available
Microsoft warned SharePoint Server users of a vulnerability dubbed ToolShell in the software that was assigned CVE-2025-53770 ...
The Hacker News17h
Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access
Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.
DATAQUEST2d
Microsoft SharePoint Zero-Day Attack: Why on-prem SharePoint servers are under siege?
Dataquest features, A critical zero-day vulnerability (CVE-2025-53770) in Microsoft SharePoint is being actively exploited, ...