News

SecurityWeek11h
Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch
Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell ...
US nuclear weapons agency reportedly hacked in SharePoint attacks
Unknown threat actors have reportedly breached the National Nuclear Security Administration's (NNSA) network in attacks ...
Microsoft fixes two SharePoint zero-days under attack, but one is still unresolved - how to patch
Microsoft has pointed the finger at three Chinese nation-state actors. Here's what we know, plus how to guard against future ...
Microsoft Knew Of SharePoint Security Flaw But Failed To Effectively Patch It: Report
Microsoft spokesperson confirmed that its initial solution to the flaw, identified at a hacker competition in May, did not ...
Microsoft’s Security Patch Misfire Exposes Its Server Flaw to Global Cyber Espionage Campaign Linked to China
A botched security patch by Microsoft has left its widely-used SharePoint Server exposed to a critical vulnerability—fueling ...
GovInfoSecurity15m
US Nuclear Agency Breach Tied to SharePoint Zero-Days
The U.S. government agency that maintains and designs America's nuclear weapons was reportedly breached by attackers ...
The Hacker News9h
CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks
CISA flags Microsoft SharePoint flaws under active attack by Chinese hackers. U.S. agencies must patch by July 23 ...
Three Chinese groups identified as attackers on Sharepoint servers
An analysis by Microsoft names three different groups from China as the attackers of the latest Sharepoint vulnerability. But ...
Attacks on Microsoft Sharepoint: What admins need to do after patching
Closing the gaps is not enough against the current toolshell attacks. After all, attackers could already be inside. We show ...
SecurityWeek22h
SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available
Microsoft warned SharePoint Server users of a vulnerability dubbed ToolShell in the software that was assigned CVE-2025-53770 ...
Microsoft SharePoint Hack Breaches US National Nuclear Security Administration
The active exploitation of a zero-day vulnerability in Microsoft SharePoint has led to a sweeping cyberattack involving over ...