News
Microsoft Releases Emergency Updates Amid Active Exploitation of SharePoint Zero-Day Vulnerability Chain
Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code execution on SharePoint, resulting in the exploitation of at least 54 organizations worldwide.
Microsoft SharePoint zero-day exploited in RCE attacks, no patch available
Critical zero-day vulnerabilities in Microsoft SharePoint, tracked as CVE-2025-53770 and CVE-2025-53771, have been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide.
A July 8 fix for a critical SharePoint zero-day failed to stop active exploitation, enabling state-backed attackers to breach ...
The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The ...
More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.
Microsoft also has issued a patch for a related SharePoint vulnerability — CVE-2025-53771; Microsoft says there are no signs ...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert Sunday detailing active exploitation of a ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback