SharePoint Zero-Day Exploitation

Order byBest matchMost fresh

Microsoft, SharePoint

Microsoft Releases Emergency Updates Amid Active Exploitation of SharePoint Zero-Day Vulnerability Chain

Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code execution on SharePoint, resulting in the exploitation of at least 54 organizations worldwide.

PCMag on MSN · 3d

Mass Exploitation: Hackers Hit Zero-Day Flaw in Microsoft's SharePoint

· 5d

Microsoft SharePoint zero-day exploited in RCE attacks, no patch available

· 1d

Microsoft says some SharePoint server hackers now use ransomware

The disclosure marks a potential escalation in the campaign, which has already hit at least 400 victims, according to Netherlands-based cybersecurity firm Eye Security.

CSOonline · 1d

Microsoft’s incomplete SharePoint patch led to global exploits by China-linked hackers

· 1d

Microsoft servers hacked by Chinese groups, says tech giant

SecurityWeek1d

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.

The Hacker News4d

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in an alert, said it's aware of active exploitation of CVE-2025-53770, which enables unauthenticated access to SharePoint systems and arbitrary code execution over the network.

Redmondmag.com3d

SharePoint Zero Day Vulnerability Exploited in Government System Breaches

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert Sunday detailing active exploitation of a critical SharePoint vulnerability, CVE-2025-53770.

Asianet Newsable on MSN2d

US Nuclear Weapons Agency Reportedly Hit In Microsoft ‘Zero-Day’ Breach — DOE Says Impact Was Minimal

Providing additional updates on the breach, Microsoft said in a blog post on Tuesday that two Chinese nation-state operators, Linen Typhoon and Violet Typhoon, exploited vulnerabilities in the internet-facing SharePoint servers.

The Hacker News3d

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.