Microsoft, SharePoint
Digest more
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in an alert, said it's aware of active exploitation of CVE-2025-53770, which enables unauthenticated access to SharePoint systems and arbitrary code execution over the network.
State CISOs in North Carolina and Arizona said their teams began work immediately to ensure on-prem SharePoint systems were secure, following the recent disclosure of an active zero-day exploit.
Microsoft has released a critical patch for a security flaw in its SharePoint software. Hackers actively exploited this vulnerability, targeting businesses and US government agencies. The company issued the fix between July 19 and 20.
5hon MSN
A security patch released by Microsoft earlier this month failed to fully fix a critical flaw in the U.S. tech company's SharePoint server software that had been identified at a hacking competition in May,
Dubbed a “zero-day” because it leverages a previously undisclosed digital weakness, the hacks allow spies to penetrate vulnerable servers and potentially drop a backdoor to secure continuous access to victim organisations.
A major cyberespionage operation targeting Microsoft's SharePoint server software has compromised about 100 organizations worldwide. The operation exploits a zero-day vulnerability, allowing hackers to install backdoors on affected servers.