Microsoft has released two emergency patches to address zero-day vulnerabilities that have been found in SharePoint RCE. Actively exploited in attacks, the two flaws (tracked as CVE-2025-53770 and CVE ...

Google’s Threat Analysis Group (TAG) has been credited with discovering and reporting the flaw on June 23, 2025.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in an alert, said it's aware of active exploitation of CVE-2025-53770, which enables unauthenticated access to SharePoint systems and ...

The newly discovered flaw in Microsoft's SharePoint software has allowed hackers to target dozens of companies and ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert Sunday detailing active exploitation of a ...

Microsoft also has issued a patch for a related SharePoint vulnerability — CVE-2025-53771; Microsoft says there are no signs ...

Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.

Microsoft has issued an emergency fix for SharePoint software due to a zero-day vulnerability. Hackers exploited this flaw, ...

"Anybody who's got a hosted SharePoint server has got a problem," Adam Meyers, senior vice president with CrowdStrike, told ...

More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the ...

Microsoft has released a critical patch for a security flaw in its SharePoint software. Hackers actively exploited this ...

Microsoft’s emergency fixes have not stemmed the “ToolShell” tide. The critical SharePoint zero‑day (CVE‑2025‑53770, CVSS 9.8 ...