Eye Security, a cybersecurity firm, says it "identified active large-scale exploitation" of the new vulnerability "being used ...

CISA flags Microsoft SharePoint flaws under active attack by Chinese hackers. U.S. agencies must patch by July 23 ...

Federal cybersecurity officials have issued a warning to Microsoft users about a security flaw allowing hackers to access to ...

CISA gave agencies until the end of the day on Monday to mitigate a severe zero-day vulnerability in Microsoft's widely used ...

A cyber-espionage campaign centered on vulnerable versions of Microsoft's server software now involves the deployment of ...

Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code ...

The zero-day vulnerability — which was first disclosed late Saturday — has been exploited by several Chinese state-aligned ...

Microsoft also has issued a patch for a related SharePoint vulnerability — CVE-2025-53771; Microsoft says there are no signs ...

Microsoft has confirmed that vulnerabilities in its on-premises SharePoint Server installations, a network spoofing vulnerability (CVE-202549706), ...

The hackers behind the initial wave of attacks exploiting a zero-day in Microsoft SharePoint servers have so far primarily ...

On July 20, 2025, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) issued urgent warnings about new, actively ...

This Alert was updated to reflect newly released information from Microsoft, and to correct the actively exploited Common ...