CISA gave agencies until the end of the day on Monday to mitigate a severe zero-day vulnerability in Microsoft's widely used SharePoint software.

The term "zero-day" attack refers to when a previously unknown vulnerability is targeted. Tens of thousands of servers are ...

IBM helps businesses prepare for cyber threats, provides AI-powered cybersecurity solutions, and does security consulting and ...

According to the Cybersecurity and Infrastructure Security Agency (CISA), the hackers use a variation of an existing vulnerability. With ToolShell onboard, SharePoint Servers are capable of executing ...

The hackers have been able to "fully access" SharePoint content and execute code, according to the U.S. Cybersecurity and ...

Microsoft Systems administrators everywhere, it looks like you get a Patch Monday as a side dish to the usual Patch Tuesday ...

Microsoft issued an alert about "active attacks" targeting its SharePoint server software, which is widely used by businesses ...

Microsoft also has issued a patch for a related SharePoint vulnerability — CVE-2025-53771; Microsoft says there are no signs ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in an alert, said it's aware of active exploitation of CVE-2025-53770, which enables unauthenticated access to SharePoint systems and ...

Attackers are using a remote execution code on vulnerable systems to initiate a zero-day exploit called 'ToolShell' that is affecting certain SharePoint servers and may allow access to Teams, OneDrive ...

A major cyberattack has hit Microsoft's SharePoint platforms, putting thousands of organizations at risk around the world.

An ongoing cyberattack campaign known as “ToolShell” is exploiting on-premises Microsoft SharePoint Servers and has ...