SharePoint Zero-Day Exploitation

Order byBest matchMost fresh

Hackers Hit Zero-Day Flaw in Microsoft's SharePoint

Microsoft Releases Emergency Updates Amid Active Exploitation of SharePoint Zero-Day Vulnerability Chain

Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code execution on SharePoint, resulting in the exploitation of at least 54 organizations worldwide.

· 4d

Microsoft SharePoint zero-day exploited in RCE attacks, no patch available

PCMag on MSN · 3d

Mass Exploitation: Hackers Hit Zero-Day Flaw in Microsoft's SharePoint

· 1d

Microsoft says some SharePoint server hackers now use ransomware

The disclosure marks a potential escalation in the campaign, which has already hit at least 400 victims, according to Netherlands-based cybersecurity firm Eye Security.

· 1d

Tally of Microsoft victims surges to 400 as hackers exploit SharePoint flaw

· 1d

Microsoft seemingly confirms Chinese hackers behind SharePoint server attacks

SecurityWeek1d

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.

What to know about ToolShell, the SharePoint threat under mass exploitation

The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The researcher said he picked the name because it exploited ToolPane.aspx, a component for assembling the side panel view in the SharePoint user interface.

The Hacker News4d

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in an alert, said it's aware of active exploitation of CVE-2025-53770, which enables unauthenticated access to SharePoint systems and arbitrary code execution over the network.

Redmondmag.com3d

SharePoint Zero Day Vulnerability Exploited in Government System Breaches

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert Sunday detailing active exploitation of a critical SharePoint vulnerability, CVE-2025-53770.

Asianet Newsable on MSN2d

US Nuclear Weapons Agency Reportedly Hit In Microsoft ‘Zero-Day’ Breach — DOE Says Impact Was Minimal

Providing additional updates on the breach, Microsoft said in a blog post on Tuesday that two Chinese nation-state operators, Linen Typhoon and Violet Typhoon, exploited vulnerabilities in the internet-facing SharePoint servers.