Microsoft said in a post on its website on Saturday that it was “aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities.” SharePoint is a Microsoft platform that allows customers to manage and share documents within their organizations.

Unknown attackers exploited a “significant vulnerability” in Microsoft’s SharePoint collaboration software, hitting targets around the world.

A major cyberespionage operation targeting Microsoft's SharePoint server software has compromised about 100 organizations worldwide. The operation exploits a zero-day vulnerability, allowing hackers to install backdoors on affected servers.

Your morning coffee just turned cold reading this: cybercriminals are exploiting a zero-day vulnerability in Microsoft SharePoint servers, and they don’t even need login credentials. Like digital lockpickers who discovered every office door uses the same broken lock,

Hackers exploited a security flaw in common Microsoft Corp. software to breach governments, businesses and other organizations across the globe and steal sensitive information, according to officials and cybersecurity researchers.

A major cyberattack has hit Microsoft's SharePoint platforms, putting thousands of organizations at risk around the world. The attack began

The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described as a variant of CVE-2025-49706 (CVSS score: 6.3), a spoofing bug in Microsoft SharePoint Server that was addressed by the tech giant as part of its July 2025 Patch Tuesday updates.