SharePoint Vulnerability Exploitation

Order byBest matchMost fresh

SharePoint, Microsoft

Microsoft Releases Emergency Updates Amid Active Exploitation of SharePoint Zero-Day Vulnerability Chain

Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code execution on SharePoint, resulting in the exploitation of at least 54 organizations worldwide.

Microsoft · 4d

Disrupting active exploitation of on-premises SharePoint vulnerabilities

Cyber Daily · 2h

Industry responds to Microsoft’s SharePoint vulnerability exploitation

· 2d

U.S. nuclear and health agencies hit in Microsoft SharePoint breach

The National Institutes of Health and the federal agency responsible for securing the nation’s nuclear weapons were among the victims in a global breach of Microsoft server software over the weekend,...

· 1d

Tally of Microsoft victims surges to 400 as hackers exploit SharePoint flaw

· 1d

Chinese Hackers Are Exploiting Flaws in Widely Used Software, Microsoft Says

· 1d

Microsoft says some SharePoint server hackers now use ransomware

The disclosure marks a potential escalation in the campaign, which has already hit at least 400 victims, according to Netherlands-based cybersecurity firm Eye Security.

· 1d

Nuclear Weapons Agency Breached in Microsoft SharePoint Hack

· 1d

The SharePoint flaw has now hit over 400 companies including a US nuclear administration

What to know about ToolShell, the SharePoint threat under mass exploitation

The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The researcher said he picked the name because it exploited ToolPane.aspx, a component for assembling the side panel view in the SharePoint user interface.

Government Technology2d

As SharePoint Exploit Emerged, State Cyber Teams Mobilized

State CISOs in North Carolina and Arizona said their teams began work immediately to ensure on-prem SharePoint systems were secure, following the recent disclosure of an active zero-day exploit.

The Hacker News3d

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.

SharePoint vulnerability with 9.8 severity rating under exploit across globe

The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 10. It gives unauthenticated remote access to SharePoint Servers exposed to the Internet. Starting Friday,