Update, July 21, 2025: This story, originally published on July 20, has been updated to include additional expert comments regarding the global zero-day attack impacting Microsoft on-premise ...

Microsoft has released two emergency patches to address zero-day vulnerabilities that have been found in SharePoint RCE. Actively exploited in attacks, the two flaws (tracked as CVE-2025-53770 and CVE ...

Update 7/21/25: Added links to the security updates for Microsoft SharePoint 2019. Critical zero-day vulnerabilities in Microsoft SharePoint, tracked as CVE-2025-53770 and CVE-2025-53771, have been ...

Microsoft confirmed “active attacks” targeting SharePoint customers and urged clients in a blog post over the weekend to immediately apply security updates. The attacks are exploiting vulnerabilities ...

Microsoft has issued two emergency updates after a vulnerability in Microsoft's SharePoint server software was exploited by hackers over the weekend to carry out attacks on businesses and U.S. federal ...

On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch ...

Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in "ToolShell" ...

Microsoft has patched three critical zero-day SharePoint security flaws that hackers have already exploited to attack more vulnerable organizations. Responding to the exploits, the software giant ...

The security update for SharePoint Server 2016 means that patches for ‘all supported versions of SharePoint’ are now available to protect against a pair of widely exploited vulnerabilities, the tech ...

Federal cybersecurity officials have issued a warning to Microsoft users about a security flaw allowing hackers to access to certain SharePoint systems. The U.S. Cybersecurity and Infrastructure ...