SharePoint Zero-Day Exploitation

Order byBest matchMost fresh

SharePoint, Microsoft

Mass Exploitation: Hackers Hit Zero-Day Flaw in Microsoft's SharePoint

The newly discovered flaw in Microsoft's SharePoint software has allowed hackers to target dozens of companies and organizations. Only a partial fix has been issued.

The Hacker News · 3d

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

CSO Online · 1d

Microsoft’s incomplete SharePoint patch led to global exploits by China-linked hackers

· 1d

Microsoft fixes three SharePoint zero-day exploits used in series of cyberattacks - how to patch them

Microsoft has patched two critical zero-day SharePoint security flaws that have already been exploited by hackers to attack vulnerable organizations.

· 1d

US Nuclear Body Among Those Impacted By SharePoint Breech

· 1d

Chinese Hackers Are Exploiting Flaws in Widely Used Software, Microsoft Says

· 2d

Microsoft Server Hack Has Now Hit 400 Victims, Researchers Say

Eye Security says the figure is likely an undercount.

· 1d

Microsoft says some SharePoint server hackers now use ransomware

· 1d

The SharePoint flaw has now hit over 400 companies including a US nuclear administration

The Hacker News4d

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in an alert, said it's aware of active exploitation of CVE-2025-53770, which enables unauthenticated access to SharePoint systems and arbitrary code execution over the network.

SecurityWeek1d

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.

What to know about ToolShell, the SharePoint threat under mass exploitation

The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The researcher said he picked the name because it exploited ToolPane.aspx, a component for assembling the side panel view in the SharePoint user interface.

Asianet Newsable on MSN2d

US Nuclear Weapons Agency Reportedly Hit In Microsoft ‘Zero-Day’ Breach — DOE Says Impact Was Minimal

Providing additional updates on the breach, Microsoft said in a blog post on Tuesday that two Chinese nation-state operators, Linen Typhoon and Violet Typhoon, exploited vulnerabilities in the internet-facing SharePoint servers.