News

What to know about ToolShell, the SharePoint threat under mass exploitation
The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The ...
SecurityWeek16h
Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch
Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell ...
US nuclear weapons agency reportedly hacked in SharePoint attacks
Unknown threat actors have reportedly breached the National Nuclear Security Administration's (NNSA) network in attacks ...
US Nuclear Agency hit in Microsoft SharePoint hack, company points finger at Chinese hackers
A widespread cyberattack, attributed to Chinese state-sponsored hackers, compromised over 100 organizations globally, ...
Three Chinese groups identified as attackers on Sharepoint servers
An analysis by Microsoft names three different groups from China as the attackers of the latest Sharepoint vulnerability. But ...
US nuclear weapons agency hacked in Microsoft SharePoint attacks
Unknown threat actors have breached the National Nuclear Security Administration's network in attacks exploiting a recently ...
SharePoint hacking campaign affects hundreds of systems worldwide
The global hacking campaign linked to the ToolShell vulnerability in Microsoft SharePoint has compromised hundreds of systems across the globe, according to security researchers. The Shadowserver ...
The Hacker News8h
CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks
CISA flags Microsoft SharePoint flaws under active attack by Chinese hackers. U.S. agencies must patch by July 23 ...
Microsoft knew of SharePoint security flaw but failed to effectively patch it, timeline shows
A security patch Microsoft (MSFT.O), opens new tab released this month failed to fully fix a critical flaw in the U.S. tech ...
GovInfoSecurity5h
US Nuclear Agency Breach Tied to SharePoint Zero-Days
The U.S. government agency that maintains and designs America's nuclear weapons was reportedly breached by attackers ...
Attacks on Microsoft Sharepoint: What admins need to do after patching
Closing the gaps is not enough against the current toolshell attacks. After all, attackers could already be inside. We show ...
Microsoft Warns Of Active Exploits Targeting SharePoint Vulnerabilities
Microsoft warns of active attacks by Chinese hackers exploiting SharePoint flaws CVE-2025-49706 and CVE-2025-49704, urging urgent patching and mitigation steps.