The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The ...

Microsoft identified at least three threat groups believed to be affiliated with China that have been exploiting publicly ...

Microsoft’s security advisory emphasizes that the emergency patches provide “more robust protections” compared to earlier fixes. CVE-2025-53770 offers enhanced security beyond the CVE-2025-49704 ...

CISA has published a malware analysis report with compromise indicators and Sigma rules for "ToolShell" attacks targeting ...

A U.S. nuclear agency was among the victims of the SharePoint vulnerability chain, which was exploited to compromise over 54 ...

Ransomware gangs have recently joined ongoing attacks targeting a Microsoft SharePoint vulnerability chain, part of a broader ...

Researchers from Palo Alto Networks detail ransomware deployment and malicious backdoors in a campaign against Microsoft ...

The risk for businesses who haven’t patched the ToolShell vulnerability keeps growing after new reports suggest ransomware actors are also joining the exploitation party. Researchers from Palo Alto ...

More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.

Kaspersky GReAT researchers analyzed the published ToolShell exploit and found it alarmingly similar to the 2020 ...

A new SharePoint exploit bypassed Microsoft’s patch, exposing over 8,000 systems and revealing deep flaws in on-premise legacy security models.

The ToolShell bugs are being exploited by cybercriminals and APT groups alike, with the US on the receiving end of 13 percent of all attacks.