SharePoint Vulnerability Exploitation

Order byBest matchMost fresh

SharePoint, active exploitation

Disrupting active exploitation of on-premises SharePoint vulnerabilities

Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, we have observed another China-based threat actor,

· 3d

SharePoint vulnerability with 9.8 severity rating under exploit across globe

· 3d · on MSN

Microsoft SharePoint attack: Officials issue warning about 'active exploitation'

· 1d

Microsoft fixes three SharePoint zero-day exploits used in series of cyberattacks - how to patch them

Microsoft has patched two critical zero-day SharePoint security flaws that have already been exploited by hackers to attack vulnerable organizations.

· 1d

US Nuclear Body Among Those Impacted By SharePoint Breech

· 11h

Tally of Microsoft victims surges to 400 as hackers exploit SharePoint flaw

· 20h

Microsoft says some SharePoint server hackers now use ransomware

The disclosure marks a potential escalation in the campaign, which has already hit at least 400 victims, according to Netherlands-based cybersecurity firm Eye Security.

· 1d

US Nuclear Weapons Agency Breached in Microsoft SharePoint Hack, Bloomberg News Reports

· 1d

Microsoft servers hacked by Chinese groups, says tech giant

What to know about ToolShell, the SharePoint threat under mass exploitation

The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The researcher said he picked the name because it exploited ToolPane.aspx, a component for assembling the side panel view in the SharePoint user interface.

The Hacker News13h

Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems

Storm-2603 exploits SharePoint flaws to deploy Warlock ransomware, affecting 400+ victims. Microsoft urges mitigation.

SecurityWeek15h

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.

CSO Online13h

Microsoft’s incomplete SharePoint patch led to global exploits by China-linked hackers

A July 8 fix for a critical SharePoint zero-day failed to stop active exploitation, enabling state-backed attackers to breach nearly 100 organizations worldwide.

The Hacker News2d

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.

Government Technology2d

As SharePoint Exploit Emerged, State Cyber Teams Mobilized

State CISOs in North Carolina and Arizona said their teams began work immediately to ensure on-prem SharePoint systems were secure, following the recent disclosure of an active zero-day exploit.

3don MSN

Microsoft releases urgent SharePoint security flaw patches - here's what you need to know, and how to update

To secure the endpoints, Microsoft recommends applying the July 2025 security updates immediately, as well as enabling Antimalware Scan Interface (AMSI) for SharePoint and making sure Defender Antivirus is deployed.

Nextgov3d

Threat intel firms on alert for government systems impacted by Microsoft SharePoint vulnerability

Governments, schools, healthcare providers and large enterprise firms are at risk, one cyber threat intelligence chief said.