Microsoft News Articles

Recent news articles refferecing the vendors vulnerabilities.

CISA Releases Malware Analysis Report Associated with Microsoft SharePoint Vulnerabilities | CISA

CISA published a Malware Analysis Report (MAR) with analysis and associated detection signatures on files related to Microsoft SharePoint vulnerabilities: CVE-2025-49704(link is external) [CWE-94: Code...

13 hours ago

ALERTS VULNEREBILITY

DATENAME INFO CATEGORYSUBCATE 25.7.25 CVE-2025-53770 - Critical SharePoint Zero-Day vulnerability exploited in the wild Microsoft has patched a zero-day vulnerability in SharePoint...

21 hours ago

The Heat Wasn't Just Outside: Cyber Attacks Spiked in Summer 2025

Can your defenses withstand the biggest attacks of Summer 2025? From Interlock's FileFix to Qilin, Scattered Spider, and ToolShell exploits—simulate them all against your organization's defenses with Picus Security Validation Platform to find gaps before attackers do.

2 days ago

Ransomware gangs join attacks targeting Microsoft SharePoint servers

Ransomware gangs have recently joined ongoing attacks targeting a Microsoft SharePoint vulnerability chain, part of a broader exploitation campaign that has already led to the breach of at least 148 organizations worldwide.

3 days ago

Active Exploitation of Microsoft SharePoint Vulnerabilities: Threat Brief (Updated July 29)

Unit 42 has observed active exploitation of recent Microsoft SharePoint vulnerabilities. Here’s how you can protect your organization. Unit 42 has observed active exploitation of recent Microsoft SharePoint vulnerabilities. Here’s how you can protect your organization.

1 week ago

ToolShell: Uncovering Five Critical Vulnerabilities in Microsoft SharePoint

Security researchers from Kaspersky have detailed a sophisticated exploit chain dubbed "ToolShell," actively targeting on-premise.

1 week ago

ToolShell: a story of five vulnerabilities in Microsoft SharePoint

Explaining the ToolShell vulnerabilities in SharePoint: how the POST request exploit works, why initial patches can be easily bypassed, and how to stay protected.

2 weeks ago

Microsoft SharePoint attacks ensnare 400 victims, including federal agencies

The Departments of Energy, Homeland Security and Health and Human Services have been impacted.

2 weeks ago

What we know about the Microsoft SharePoint attacks

State-linked hackers and ransomware groups are targeting SharePoint customers across the globe.

2 weeks ago

Chinese nation-state groups exploiting SharePoint vulnerability, Microsoft confirms

Microsoft said previously known Chinese nation-state operations that it tracks as Linen Typhoon and Violet Typhoon — as well as a third, less-known group — were among those exploiting serious bugs in SharePoint server software.

2 weeks ago

US nuclear weapons agency hacked in Microsoft SharePoint attacks

Unknown threat actors have breached the National Nuclear Security Administration's network in attacks exploiting a recently patched Microsoft SharePoint zero-day vulnerability chain.

2 weeks ago

US nuclear weapons agency reportedly hacked in SharePoint attacks

Unknown threat actors have reportedly breached the National Nuclear Security Administration's (NNSA) network in attacks exploiting a recently patched Microsoft SharePoint zero-day vulnerability chain.

2 weeks ago

ToolShell Threat Brief: SharePoint RCE CVE-2025-53770, 53771

Bitsight's overview of critical SharePoint RCE zero-days CVE-2025-53770 & CVE-2025-53771, active exploitation & impact, with mitigation recommendations.

2 weeks ago

CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks

CISA flags Microsoft SharePoint flaws under active attack by Chinese hackers. U.S. agencies must patch by July 23

2 weeks ago

3 China Nation-State Actors Target SharePoint Bugs

Hackers and cybercrime groups are part of a virtual feeding frenzy, after Microsoft's recent disclosure of new vulnerabilities in on-premises editions of SharePoint Server.

2 weeks ago

Cloudflare protects against critical SharePoint vulnerability, CVE-2025-53770

Microsoft disclosed two critical vulnerabilities, CVE-2025-53771 and CVE-2025-53770, that are exploited to attack SharePoint servers. Possession of these cryptographic machine keys allows an attacker to forge authentication tokens and maintain access even if the server is patched. Therefore, it is c...

2 weeks ago

Cloudflare protects against critical SharePoint vulnerability, CVE-2025-53770

Microsoft disclosed two critical vulnerabilities, CVE-2025-53771 and CVE-2025-53770, that are exploited to attack SharePoint servers. Possession of these cryptographic machine keys allows an attacker to forge authentication tokens and maintain access even if the server is patched. Therefore, it is c...

2 weeks ago

Cloudflare protects against critical SharePoint vulnerability, CVE-2025-53770

Microsoft disclosed two critical vulnerabilities, CVE-2025-53771 and CVE-2025-53770, that are exploited to attack SharePoint servers. Possession of these cryptographic machine keys allows an attacker to forge authentication tokens and maintain access even if the server is patched. Therefore, it is c...

2 weeks ago

UPDATE: Microsoft Releases Guidance on Exploitation of SharePoint Vulnerabilities | CISA

Update (07/22/2025): This Alert was updated to reflect newly released information(link is external) from Microsoft, and to correct the actively exploited Common Vulnerabilities and Exposures (CVEs), which...

2 weeks ago

Disrupting active exploitation of on-premises SharePoint vulnerabilities | Microsoft Security Blog

Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities. Microsoft ...

2 weeks ago

Microsoft Sharepoint ToolShell attacks linked to Chinese hackers

Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft SharePoint zero-day vulnerability chain.

2 weeks ago

Microsoft Fix Targets Attacks on SharePoint Zero-Day

On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the Sharepoint flaw to


2 weeks ago

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.

2 weeks ago

SharePoint Zero-Day VulnerabilityCVE-2025-53770 - Check Point Blog

A critical zero-day vulnerability (CVE-2025-53770 ) in SharePoint on-prem is actively being exploited in the wild.

2 weeks ago

Proactive Security for CVE-2025-53770 and CVE-2025-53771 SharePoint Attacks

CVE-2025-53770 and CVE-2025-53771 are vulnerabilities in on-premise Microsoft SharePoint Servers that evolved from previously patched flaws, allowing unauthenticated remote code execution through advanced deserialization and ViewState abuse.

2 weeks ago

Proactive Security for CVE-2025-53770 and CVE-2025-53771 SharePoint Attacks

CVE-2025-53770 and CVE-2025-53771 are vulnerabilities in on-premise Microsoft SharePoint Servers that evolved from previously patched flaws, allowing unauthenticated remote code execution through advanced deserialization and ViewState abuse.

2 weeks ago

SharePoint ToolShell | Zero-Day Exploited in-the-Wild Targets Enterprise Servers

SentinelOne shares distinct attack clusters and a detailed timeline of events on an active exploit of the ToolShell 0-day in MS SharePoint.

2 weeks ago

ToolShell Zero-day: Microsoft Rushes Emergency Patch for Actively Exploited SharePoint Vulnerabilities | Qualys

On July 19, 2025, Microsoft issued an emergency out-of-band security update to address two zero-day vulnerabilities in Microsoft SharePoint Server: CVE-2025


2 weeks ago

SharePoint Vulnerabilities (CVE-2025-53770 & CVE-2025-53771): Everything You Need to Know | Wiz Blog

Detect and mitigate CVE-2025-53770 and CVE-2025-53771 - critical vulnerabilities in Microsoft SharePoint Server currently under active exploitation.

2 weeks ago

CVE-2025-53770: Widespread Exploitation of ToolShell RCE Vulnerability Observed in Microsoft SharePoint On-Premises - Arctic Wolf

On July 19, 2025, Microsoft disclosed active exploitation of a zero-day vulnerability (CVE-2025-53770) affecting on-premises SharePoint Server instances.

2 weeks ago

Microsoft SharePoint under 'active exploitation,' Homeland Security's CISA says

Microsoft said the company has been "coordinating closely with CISA, DOD Cyber Defense Command, and key cybersecurity partners around the world throughout our response."

2 weeks ago

Microsoft’s SharePoint is being hacked by cyberattackers, FBI and CSE warn - National | Globalnews.ca

Microsoft issued an alert on Saturday that said the server software being targeted is used by government agencies and businesses to share documents within their organizations. 

2 weeks ago

SharePoint ‘ToolShell’ vulnerabilities being exploited in the wild

Sophos X-Ops sees exploitation across multiple customer estates On July 18, 2025, Sophos MDR (Managed Detection and Response) analysts observed an influx of malicious activity targeting...

2 weeks ago

Microsoft Rushes Emergency Fix for Exploited SharePoint Bug

Malicious actors already have already pounced on the zero-day vulnerability, tracked as CVE-2025-53770, to compromise US government agencies and other businesses in ongoing and widespread attacks.

2 weeks ago

Microsoft Issues Emergency Patches for Actively Exploited SharePoint Server Vulnerabilities

Microsoft has released emergency patches to fix two actively exploited zero-day vulnerabilities in Microsoft SharePoint Server. The two vulnerabilities Microsoft has released emergency patches to fix two actively exploited zero-day vulnerabilities in Microsoft SharePoint Server. The vulnerabilities ...

2 weeks ago

Sharepoint servers are attacked via 0-day vulnerability (CVE-2025-53770) | Born's Tech and Windows World

[German]Does anyone in the readership operate a SharePoint server that is accessible via the Internet? If so, the house may be on fire. Since yesterday, I have been receiving information that SharePoint...

2 weeks ago

CISA Adds One Known Exploited Vulnerability, CVE-2025-53770 “ToolShell,” to Catalog | CISA

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. See CISA’s Alert Microsoft Releases Guidance on Exploitation of SharePoint...

2 weeks ago

SharePoint zero-day CVE-2025-53770 actively exploited in the wild

Microsoft warns of ongoing active exploitation of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770.

2 weeks ago

SharePoint zero-day CVE-2025-53770 actively exploited in the wild

Microsoft warns of ongoing active exploitation of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770.

2 weeks ago

Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks

Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in

2 weeks ago

Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks

Microsoft warns of active SharePoint exploits affecting on-prem users; 54 victims confirmed in major attack.

2 weeks ago

Microsoft warns on-prem SharePoint users of a zero-day

Infosec In Brief Microsoft has warned users of SharePoint Server that three on-prem versions of the product include a zero-day flaw that is under attack – and that its own failure to completely fix past...

2 weeks ago

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers

Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771.

2 weeks ago

Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770) - Help Net Security

Attackers are actively exploiting a zero-day variant (CVE-2025-53770) of a patched SharePoint remote code execution vulnerability.

2 weeks ago

Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770) | CISA

CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the...

3 weeks ago

Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770) | CISA

CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the...

3 weeks ago

Microsoft SharePoint zero-day exploited in RCE attacks, no patch available

A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide.

3 weeks ago

SharePoint zero day exploited, governments hit, no patch yet

SharePoint zero day under mass attack: No patch yet for bug allocated CVE-2025-53770, potentially 9,000 exposed to the SharePoint vulnerability.

3 weeks ago

Microsoft Confirms Ongoing Mass SharePoint Attack — No Patch Available

Microsoft has confirmed that SharePoint Server is under mass attack and no patch is yet available — here’s what you need to know and how to mitigate the threat.

3 weeks ago

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Global Organizations

SharePoint zero-day CVE-2025-53770 exploited in mass attacks breaching 75+ orgs; on-prem users at high risk.

3 weeks ago

No more news articles to load.