Eye Security, a cybersecurity firm, says it "identified active large-scale exploitation" of the new vulnerability "being used ...

CISA flags Microsoft SharePoint flaws under active attack by Chinese hackers. U.S. agencies must patch by July 23 ...

CISA gave agencies until the end of the day on Monday to mitigate a severe zero-day vulnerability in Microsoft's widely used ...

Federal cybersecurity officials have issued a warning to Microsoft users about a security flaw allowing hackers to access to ...

The zero-day vulnerability — which was first disclosed late Saturday — has been exploited by several Chinese state-aligned ...

Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code ...

Department of Homeland Security headquarters, several of its agencies and the Department of Health and Human Services have ...

On July 20, 2025, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) issued urgent warnings about new, actively ...

Microsoft also has issued a patch for a related SharePoint vulnerability — CVE-2025-53771; Microsoft says there are no signs ...

A cyber-espionage campaign centered on vulnerable versions of Microsoft's server software now involves the deployment of ...

A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks ...

Microsoft has confirmed that vulnerabilities in its on-premises SharePoint Server installations, a network spoofing vulnerability (CVE-202549706), ...