If exploited, attackers can gain full access to SharePoint content and potentially pivot to Outlook, Teams, and OneDrive.

Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft ...

CISA flags Microsoft SharePoint flaws under active attack by Chinese hackers. U.S. agencies must patch by July 23 ...

Microsoft has observed three China-based threat actors, Linen Typhoon, Violet Typhoon and Storm-2603, exploiting the ...

Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771.

Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell ...

Exploitation of the ToolShell RCE zero-day in Microsoft SharePoint continues to gather pace, with evidence emerging of ...

An analysis by Microsoft names three different groups from China as the attackers of the latest Sharepoint vulnerability. But ...

The active exploitation of a zero-day vulnerability in Microsoft SharePoint has led to a sweeping cyberattack involving over ...

A security patch Microsoft released this month failed to fully fix a critical flaw in the U.S. tech giant's SharePoint server software, opening the door to a sweeping global cyber espionage effort, a ...

Closing the gaps is not enough against the current toolshell attacks. After all, attackers could already be inside. We show ...

A botched security patch by Microsoft has left its widely-used SharePoint Server exposed to a critical vulnerability—fueling ...