Order byBest matchMost fresh
SecurityWeek5h
ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets
More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities.
Update: New version of Sharepoint 2016 fixes toolshell vulnerability
Microsoft is following up and is also releasing a patch for the 2016 edition of Sharepoint. Admins should install this immediately.
htxt4h
On-prem SharePoint servers have a “potent and dangerous” vulnerability
A new vulnerability dubbed ToolShell is being used to compromise on-premise instances of Microsoft SharePoint servers. Attacks have ranged from highly targeted to opportunistic based on the value of the company operating the server.
Microsoft releases emergency security updates to fix SharePoint zero-day flaws — everything you need to know
M icrosoft has released two emergency patches to address zero-day vulnerabilities that have been found in SharePoint RCE. Actively exploited in attacks, the two flaws (tracked as CVE-2025-53770 and CVE-2025-53771) are both “ToolShell” attacks that compromise services and that build on flaws that were fixed as part of July’s Patch Tuesday updates.
Critical Sharepoint security vulnerability: First patches are available
Microsoft has now released a patch, but attackers were not idle over the weekend. Dozens of SharePoint installations fell victim of "ToolShell"
TweakTown1d
Hackers use Microsoft service to launch serious global attack at governments and businesses
At least 85 servers worldwide have been compromised through a Microsoft service vulnerability that has been used to achieve remote code execution.
Feedback