If exploited, attackers can gain full access to SharePoint content and potentially pivot to Outlook, Teams, and OneDrive.

Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and ...

The term "zero-day" attack refers to when a previously unknown vulnerability is targeted. Tens of thousands of servers are ...

Unknown threat actors are using a weaponised version of an exploit showcased at Pwn2Own Berlin in May to target SharePoint ...

Active exploitation of a dangerous zero-day vulnerability chain in Microsoft SharePoint – which was disclosed over the weekend – is underway. Immediate action is advised.

Security researchers warn that the exploit, reportedly known as “ToolShell,” is a serious one and can allow actors to fully ...

Microsoft also has issued a patch for a related SharePoint vulnerability — CVE-2025-53771; Microsoft says there are no signs ...

Microsoft July 19 issued an alert about active attacks from vulnerabilities targeting SharePoint servers used within ...

Hackers have been exploiting a zero-day vulnerability dubbed "ToolShell" in on-premises installations of Microsoft SharePoint to gain remote access, and ...

Microsoft has issued an urgent security alert this weekend after discovering attackers exploiting a critical zero‑day ...

Microsoft warned users that hackers used a security flaw in its server software to attack government agencies and businesses ...