News

What to know about ToolShell, the SharePoint threat under mass exploitation
The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The ...
CPO Magazine4d
Microsoft Releases Emergency Updates Amid Active Exploitation of SharePoint Zero-Day Vulnerability Chain
Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code ...
CSO Online5d
Microsoft’s incomplete SharePoint patch led to global exploits by China-linked hackers
A July 8 fix for a critical SharePoint zero-day failed to stop active exploitation, enabling state-backed attackers to breach ...
Microsoft fixes SharePoint zero-day exploits used in cyberattacks and ransomware - how to patch them
Microsoft has pointed the finger at three Chinese nation-state actors for exploiting the SharePoint vulnerabilities. Here's what we know about the security flaws and how to guard against future ...
US nuclear weapons agency hacked in Microsoft SharePoint attacks
Unknown threat actors have breached the National Nuclear Security Administration's network in attacks exploiting a recently ...
Blame a leak for Microsoft SharePoint attacks, researcher insists
"A leak happened here somewhere," Dustin Childs, head of threat awareness at Trend Micro's Zero Day Initiative (ZDI), told ...
SecurityWeek5d
ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named
More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.
Government Technology6d
As SharePoint Exploit Emerged, State Cyber Teams Mobilized
State CISOs in North Carolina and Arizona said their teams began work immediately to ensure on-prem SharePoint systems were ...
Microsoft SharePoint victim count hits 400+ orgs in ongoing attacks
More than 400 organizations have been compromised in the Microsoft SharePoint attack, according to Eye Security, which ...
The Hacker News6d
CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks
CISA flags Microsoft SharePoint flaws under active attack by Chinese hackers. U.S. agencies must patch by July 23 ...
Microsoft SharePoint Hack Breaches US National Nuclear Security Administration
The active exploitation of a zero-day vulnerability in Microsoft SharePoint has led to a sweeping cyberattack involving over 100 organizations, including the U.S. National Nuclear Security ...