If exploited, attackers can gain full access to SharePoint content and potentially pivot to Outlook, Teams, and OneDrive.

More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the ...

Microsoft is following up and is also releasing a patch for the 2016 edition of Sharepoint. Admins should install this ...

Unknown threat actors are using a weaponised version of an exploit showcased at Pwn2Own Berlin in May to target SharePoint ...

Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and ...

Microsoft also has issued a patch for a related SharePoint vulnerability — CVE-2025-53771; Microsoft says there are no signs ...

The term "zero-day" attack refers to when a previously unknown vulnerability is targeted. Tens of thousands of servers are ...

Patches for two vulnerable editions of Microsoft's on-premises SharePoint Server collaboration tool are now available, with ...

Active exploitation of a dangerous zero-day vulnerability chain in Microsoft SharePoint – which was disclosed over the weekend – is underway. Immediate action is advised.

Microsoft has issued an emergency fix for SharePoint software due to a zero-day vulnerability. Hackers exploited this flaw, ...

Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.

Microsoft is issuing an emergency fix to close off a vulnerability in Microsoft’s SharePoint software that hackers have ...