If exploited, attackers can gain full access to SharePoint content and potentially pivot to Outlook, Teams, and OneDrive.

Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft ...

A security patch released by Microsoft earlier this month failed to fully fix a critical flaw in the U.S. tech company's ...

Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days.

A security patch released by Microsoft last month failed to fully fix a critical flaw in U.S. tech giant's SharePoint server ...

Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771.

Microsoft released a patch Monday for SharePoint Server 2016 that protects customers against a pair of vulnerabilities, which ...

The term "zero-day" attack refers to when a previously unknown vulnerability is targeted. Tens of thousands of servers are ...

Microsoft said an attack campaign targeting zero-day vulnerabilities in on-premises SharePoint servers appears to have begun ...

CISA has mandated immediate mitigation for federal agencies, while analysts urge enterprises to accelerate cloud migration ...

Microsoft is issuing an emergency fix to close off a vulnerability in Microsoft’s SharePoint software that hackers have ...

An ongoing cyberattack campaign known as “ToolShell” is exploiting on-premises Microsoft SharePoint Servers and has ...