News

What to know about ToolShell, the SharePoint threat under mass exploitation
The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The ...
US nuclear weapons agency hacked in Microsoft SharePoint attacks
Unknown threat actors have breached the National Nuclear Security Administration's network in attacks exploiting a recently ...
The Hacker News14h
CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks
CISA flags Microsoft SharePoint flaws under active attack by Chinese hackers. U.S. agencies must patch by July 23 ...
Microsoft fixes three SharePoint zero-day exploits used in series of cyberattacks - how to patch them
Microsoft has pointed the finger at three Chinese nation-state actors for exploiting the SharePoint vulnerabilities. Here's ...
SecurityWeek1d
ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets
More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the ...
Infosecurity Magazine1d
SharePoint 'ToolShell' Vulnerabilities Exploited by Chinese Nation-State Hackers
Microsoft has observed three China-based threat actors, Linen Typhoon, Violet Typhoon and Storm-2603, exploiting the ...
SecurityWeek1d
Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers
Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771.
Computer Weekly1d
Chinese cyber spies among those linked to SharePoint attacks
Exploitation of the ToolShell RCE zero-day in Microsoft SharePoint continues to gather pace, with evidence emerging of ...
Microsoft links Sharepoint ToolShell attacks to Chinese hackers
Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft ...
Patch SharePoint Now: Microsoft Servers at Risk of New ToolShell RCE Attack
If exploited, attackers can gain full access to SharePoint content and potentially pivot to Outlook, Teams, and OneDrive.
CRN2d
Microsoft Releases Final Patch For SharePoint Server Against ‘ToolShell’ Attacks
Microsoft released a patch Monday for SharePoint Server 2016 that protects customers against a pair of vulnerabilities, which ...
"We’re witnessing an urgent and active threat" — Microsoft SharePoint "ToolShell" vulnerability is being attacked globally
The term "zero-day" attack refers to when a previously unknown vulnerability is targeted. Tens of thousands of servers are ...