If exploited, attackers can gain full access to SharePoint content and potentially pivot to Outlook, Teams, and OneDrive.

The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The ...

ESET Research has been monitoring intense attacks involving the recently discovered ToolShell zero-day vulnerabilities.

More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.

Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code ...

An ongoing cyberattack campaign known as “ToolShell” is exploiting on-premises Microsoft SharePoint Servers and has ...

Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft ...

More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the ...

Microsoft released a patch Monday for SharePoint Server 2016 that protects customers against a pair of vulnerabilities, which ...

Although Microsoft acknowledged the SharePoint problem, the original fix did not prevent hacking. Right now government and ...

Microsoft also has issued a patch for a related SharePoint vulnerability — CVE-2025-53771; Microsoft says there are no signs ...

Microsoft has observed three China-based threat actors, Linen Typhoon, Violet Typhoon and Storm-2603, exploiting the ...