News

Microsoft Used China-Based Engineers to Maintain Vulnerable SharePoint
Microsoft identified at least three threat groups believed to be affiliated with China that have been exploiting publicly ...
Erie News Now1h
Microsoft Releases Emergency SharePoint Patches to Counter Critical Zero-Day Exploits
Microsoft’s security advisory emphasizes that the emergency patches provide “more robust protections” compared to earlier fixes. CVE-2025-53770 offers enhanced security beyond the CVE-2025-49704 ...
Microsoft SharePoint bug puts critical government agencies at risk
Microsoft released patches for a SharePoint zero-day bug after hackers compromised over 400 servers worldwide using ...
The Register on MSN2d
CISA releases malware analysis for Sharepoint Server attack
CISA has published a malware analysis report with compromise indicators and Sigma rules for "ToolShell" attacks targeting ...
Ransomware gangs join attacks targeting Microsoft SharePoint servers
Ransomware gangs have recently joined ongoing attacks targeting a Microsoft SharePoint vulnerability chain, part of a broader ...
Microsoft SharePoint worries increase as ransomware gangs join the party, experts warn
The risk for businesses who haven’t patched the ToolShell vulnerability keeps growing after new reports suggest ransomware actors are also joining the exploitation party. Researchers from Palo Alto ...
The American Bazaar4d
Microsoft relied on Chinese engineering team for SharePoint later hacked by China
Chinese state-sponsored hackers exploited a SharePoint vulnerability, raising concerns over Microsoft's reliance on ...
Homeland Security Today2d
CISA Releases Malware Analysis Report Associated with Microsoft SharePoint Vulnerabilities
CISA has published a Malware Analysis Report (MAR) with analysis and associated detection signatures on files related to Microsoft SharePoint vulnerabilities ...
Security Boulevard5d
New SharePoint Zero-Day Allows Unauthenticated Remote Code Execution
July, this vulnerability has been actively exploited in the wild by multiple threat actors, including groups believed to be affiliated with nation-state interests. To date, more than 85 SharePoint ...
The Register on MSN2d
Microsoft, CISA warn yet another Exchange server bug can lead to 'total domain compromise'
CVE-2025-53786 is an elevation of privilege bug that Outsider Security's Dirk-jan Mollema reported to Microsoft. It exists ...
How your org can avoid being a victim of the next “SharePoint”
The companies that fare best in the face of cyber threats aren't always the biggest or the most high-tech--they're the most ...
The Register on MSN1d
Ex-White House cyber, counter-terrorism guru: Microsoft considers security an annoyance, not a necessity
CrowdStrike Senior VP of Counter Adversary Operations Adam Meyers told The Register the same thing and likened Microsoft's ...