SharePoint Zero-Day Exploitation

Order byBest matchMost fresh

Microsoft fixes 2 SharePoint zero-days under attack

Microsoft Fix Targets Attacks on SharePoint Zero-Day

Microsoft also has issued a patch for a related SharePoint vulnerability — CVE-2025-53771; Microsoft says there are no signs of active attacks on CVE-2025-53771, and that the patch is to provide more robust protections than the update for CVE-2025-49706.

· 4d

Microsoft SharePoint zero-day exploited in RCE attacks, no patch available

CSO Online · 15h

Microsoft’s incomplete SharePoint patch led to global exploits by China-linked hackers

· 1d

Microsoft fixes three SharePoint zero-day exploits used in series of cyberattacks - how to patch them

Microsoft has patched two critical zero-day SharePoint security flaws that have already been exploited by hackers to attack vulnerable organizations.

· 1d

US Nuclear Body Among Those Impacted By SharePoint Breech

· 1d

US nuclear weapons agency breached using Microsoft SharePoint hack

· 21h

Chinese Hackers Are Exploiting Flaws in Widely Used Software, Microsoft Says

Eye Security, a cybersecurity firm, said that it had scanned more than 23,000 SharePoint servers worldwide and discovered that more than 400 systems had been actively compromised.

· 1d

Microsoft servers hacked by Chinese groups, says tech giant

· 1d

Microsoft knew of SharePoint security flaw but failed to effectively patch it, timeline shows

SecurityWeek2d

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets

More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities.

The Hacker News4d

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in an alert, said it's aware of active exploitation of CVE-2025-53770, which enables unauthenticated access to SharePoint systems and arbitrary code execution over the network.

Government Technology2d

As SharePoint Exploit Emerged, State Cyber Teams Mobilized

State CISOs in North Carolina and Arizona said their teams began work immediately to ensure on-prem SharePoint systems were secure, following the recent disclosure of an active zero-day exploit.

SecurityWeek17h

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.