Microsoft News Articles
Recent news articles refferecing the vendors vulnerabilities.

CISA Releases Malware Analysis Report Associated with Microsoft SharePoint Vulnerabilities | CISA
CISA published a Malware Analysis Report (MAR) with analysis and associated detection signatures on files related to Microsoft SharePoint vulnerabilities: CVE-2025-49704(link is external) [CWE-94: Code...
13 hours ago
ALERTS VULNEREBILITY
DATENAME INFO CATEGORYSUBCATE 25.7.25 CVE-2025-53770 - Critical SharePoint Zero-Day vulnerability exploited in the wild Microsoft has patched a zero-day vulnerability in SharePoint...
21 hours ago
The Heat Wasn't Just Outside: Cyber Attacks Spiked in Summer 2025
Can your defenses withstand the biggest attacks of Summer 2025? From Interlock's FileFix to Qilin, Scattered Spider, and ToolShell exploitsâsimulate them all against your organization's defenses with Picus Security Validation Platform to find gaps before attackers do.
2 days ago
Ransomware gangs join attacks targeting Microsoft SharePoint servers
Ransomware gangs have recently joined ongoing attacks targeting a Microsoft SharePoint vulnerability chain, part of a broader exploitation campaign that has already led to the breach of at least 148 organizations worldwide.
3 days ago
Active Exploitation of Microsoft SharePoint Vulnerabilities: Threat Brief (Updated July 29)
Unit 42 has observed active exploitation of recent Microsoft SharePoint vulnerabilities. Hereâs how you can protect your organization. Unit 42 has observed active exploitation of recent Microsoft SharePoint vulnerabilities. Hereâs how you can protect your organization.
1 week ago
ToolShell: Uncovering Five Critical Vulnerabilities in Microsoft SharePoint
Security researchers from Kaspersky have detailed a sophisticated exploit chain dubbed "ToolShell," actively targeting on-premise.
1 week ago
ToolShell: a story of five vulnerabilities in Microsoft SharePoint
Explaining the ToolShell vulnerabilities in SharePoint: how the POST request exploit works, why initial patches can be easily bypassed, and how to stay protected.
2 weeks ago
Microsoft SharePoint attacks ensnare 400 victims, including federal agencies
The Departments of Energy, Homeland Security and Health and Human Services have been impacted.
2 weeks ago
What we know about the Microsoft SharePoint attacks
State-linked hackers and ransomware groups are targeting SharePoint customers across the globe.
2 weeks ago
Chinese nation-state groups exploiting SharePoint vulnerability, Microsoft confirms
Microsoft said previously known Chinese nation-state operations that it tracks as Linen Typhoon and Violet Typhoon â as well as a third, less-known group â were among those exploiting serious bugs in SharePoint server software.
2 weeks ago
US nuclear weapons agency hacked in Microsoft SharePoint attacks
Unknown threat actors have breached the National Nuclear Security Administration's network in attacks exploiting a recently patched Microsoft SharePoint zero-day vulnerability chain.
2 weeks ago
US nuclear weapons agency reportedly hacked in SharePoint attacks
Unknown threat actors have reportedly breached the National Nuclear Security Administration's (NNSA) network in attacks exploiting a recently patched Microsoft SharePoint zero-day vulnerability chain.
2 weeks ago
ToolShell Threat Brief: SharePoint RCE CVE-2025-53770, 53771
Bitsight's overview of critical SharePoint RCE zero-days CVE-2025-53770 & CVE-2025-53771, active exploitation & impact, with mitigation recommendations.
2 weeks ago
CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks
CISA flags Microsoft SharePoint flaws under active attack by Chinese hackers. U.S. agencies must patch by July 23
2 weeks ago
3 China Nation-State Actors Target SharePoint Bugs
Hackers and cybercrime groups are part of a virtual feeding frenzy, after Microsoft's recent disclosure of new vulnerabilities in on-premises editions of SharePoint Server.
2 weeks ago

Cloudflare protects against critical SharePoint vulnerability, CVE-2025-53770
Microsoft disclosed two critical vulnerabilities, CVE-2025-53771 and CVE-2025-53770, that are exploited to attack SharePoint servers. Possession of these cryptographic machine keys allows an attacker to forge authentication tokens and maintain access even if the server is patched. Therefore, it is c...
2 weeks ago

Cloudflare protects against critical SharePoint vulnerability, CVE-2025-53770
Microsoft disclosed two critical vulnerabilities, CVE-2025-53771 and CVE-2025-53770, that are exploited to attack SharePoint servers. Possession of these cryptographic machine keys allows an attacker to forge authentication tokens and maintain access even if the server is patched. Therefore, it is c...
2 weeks ago

Cloudflare protects against critical SharePoint vulnerability, CVE-2025-53770
Microsoft disclosed two critical vulnerabilities, CVE-2025-53771 and CVE-2025-53770, that are exploited to attack SharePoint servers. Possession of these cryptographic machine keys allows an attacker to forge authentication tokens and maintain access even if the server is patched. Therefore, it is c...
2 weeks ago
UPDATE: Microsoft Releases Guidance on Exploitation of SharePoint Vulnerabilities | CISA
Update (07/22/2025): This Alert was updated to reflect newly released information(link is external) from Microsoft, and to correct the actively exploited Common Vulnerabilities and Exposures (CVEs), which...
2 weeks ago
Disrupting active exploitation of on-premises SharePoint vulnerabilities | Microsoft Security Blog
Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities. Microsoft ...
2 weeks ago
Microsoft Sharepoint ToolShell attacks linked to Chinese hackers
Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft SharePoint zero-day vulnerability chain.
2 weeks ago
Microsoft Fix Targets Attacks on SharePoint Zero-Day
On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the Sharepoint flaw toâŠ
2 weeks ago
Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access
Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.
2 weeks ago

SharePoint Zero-Day VulnerabilityCVE-2025-53770 - Check Point Blog
A critical zero-day vulnerability (CVE-2025-53770 ) in SharePoint on-prem is actively being exploited in the wild.
2 weeks ago
Proactive Security for CVE-2025-53770 and CVE-2025-53771 SharePoint Attacks
CVE-2025-53770 and CVE-2025-53771 are vulnerabilities in on-premise Microsoft SharePoint Servers that evolved from previously patched flaws, allowing unauthenticated remote code execution through advanced deserialization and ViewState abuse.
2 weeks ago
Proactive Security for CVE-2025-53770 and CVE-2025-53771 SharePoint Attacks
CVE-2025-53770 and CVE-2025-53771 are vulnerabilities in on-premise Microsoft SharePoint Servers that evolved from previously patched flaws, allowing unauthenticated remote code execution through advanced deserialization and ViewState abuse.
2 weeks ago
SharePoint ToolShell | Zero-Day Exploited in-the-Wild Targets Enterprise Servers
SentinelOne shares distinct attack clusters and a detailed timeline of events on an active exploit of the ToolShell 0-day in MS SharePoint.
2 weeks ago
ToolShell Zero-day: Microsoft Rushes Emergency Patch for Actively Exploited SharePoint Vulnerabilities | Qualys
On July 19, 2025, Microsoft issued an emergency out-of-band security update to address two zero-day vulnerabilities in Microsoft SharePoint Server: CVE-2025âŠ
2 weeks ago
SharePoint Vulnerabilities (CVE-2025-53770 & CVE-2025-53771): Everything You Need to Know | Wiz Blog
Detect and mitigate CVE-2025-53770 and CVE-2025-53771 - critical vulnerabilities in Microsoft SharePoint Server currently under active exploitation.
2 weeks ago

CVE-2025-53770: Widespread Exploitation of ToolShell RCE Vulnerability Observed in Microsoft SharePoint On-Premises - Arctic Wolf
On July 19, 2025, Microsoft disclosed active exploitation of a zero-day vulnerability (CVE-2025-53770) affecting on-premises SharePoint Server instances.
2 weeks ago
Microsoft SharePoint under 'active exploitation,' Homeland Security's CISA says
Microsoft said the company has been "coordinating closely with CISA, DOD Cyber Defense Command, and key cybersecurity partners around the world throughout our response."
2 weeks ago
Microsoftâs SharePoint is being hacked by cyberattackers, FBI and CSE warn - National | Globalnews.ca
Microsoft issued an alert on Saturday that said the server software being targeted is used by government agencies and businesses to share documents within their organizations.Â
2 weeks ago

SharePoint âToolShellâ vulnerabilities being exploited in the wild
Sophos X-Ops sees exploitation across multiple customer estates On July 18, 2025, Sophos MDR (Managed Detection and Response) analysts observed an influx of malicious activity targeting...
2 weeks ago
Microsoft Rushes Emergency Fix for Exploited SharePoint Bug
Malicious actors already have already pounced on the zero-day vulnerability, tracked as CVE-2025-53770, to compromise US government agencies and other businesses in ongoing and widespread attacks.
2 weeks ago
Microsoft Issues Emergency Patches for Actively Exploited SharePoint Server Vulnerabilities
Microsoft has released emergency patches to fix two actively exploited zero-day vulnerabilities in Microsoft SharePoint Server. The two vulnerabilities Microsoft has released emergency patches to fix two actively exploited zero-day vulnerabilities in Microsoft SharePoint Server. The vulnerabilities ...
2 weeks ago

Sharepoint servers are attacked via 0-day vulnerability (CVE-2025-53770) | Born's Tech and Windows World
[German]Does anyone in the readership operate a SharePoint server that is accessible via the Internet? If so, the house may be on fire. Since yesterday, I have been receiving information that SharePoint...
2 weeks ago

CISA Adds One Known Exploited Vulnerability, CVE-2025-53770 âToolShell,â to Catalog | CISA
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. See CISAâs Alert Microsoft Releases Guidance on Exploitation of SharePoint...
2 weeks ago
SharePoint zero-day CVE-2025-53770 actively exploited in the wild
Microsoft warns of ongoing active exploitation of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770.
2 weeks ago
SharePoint zero-day CVE-2025-53770 actively exploited in the wild
Microsoft warns of ongoing active exploitation of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770.
2 weeks ago
Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks
Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770Â and CVE-2025-53771 that have compromised services worldwide in
2 weeks ago
Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
Microsoft warns of active SharePoint exploits affecting on-prem users; 54 victims confirmed in major attack.
2 weeks ago
Microsoft warns on-prem SharePoint users of a zero-day
Infosec In Brief Microsoft has warned users of SharePoint Server that three on-prem versions of the product include a zero-day flaw that is under attack â and that its own failure to completely fix past...
2 weeks ago
Microsoft Patches âToolShellâ Zero-Days Exploited to Hack SharePoint Servers
Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771.
2 weeks ago
Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770) - Help Net Security
Attackers are actively exploiting a zero-day variant (CVE-2025-53770) of a patched SharePoint remote code execution vulnerability.
2 weeks ago

Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770) | CISA
CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the...
3 weeks ago

Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770) | CISA
CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the...
3 weeks ago
Microsoft SharePoint zero-day exploited in RCE attacks, no patch available
A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide.
3 weeks ago

SharePoint zero day exploited, governments hit, no patch yet
SharePoint zero day under mass attack: No patch yet for bug allocated CVE-2025-53770, potentially 9,000 exposed to the SharePoint vulnerability.
3 weeks ago

Microsoft Confirms Ongoing Mass SharePoint Attack â No Patch Available
Microsoft has confirmed that SharePoint Server is under mass attack and no patch is yet available â hereâs what you need to know and how to mitigate the threat.
3 weeks ago

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Global Organizations
SharePoint zero-day CVE-2025-53770 exploited in mass attacks breaching 75+ orgs; on-prem users at high risk.
3 weeks ago