SharePoint

High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659)

Don't miss, Hot stuff, Microsoft, News, security update, SharePoint, vulnerability /

High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659) 2026-05-26 at 13:56 By Zeljka Zorz Microsoft has released patches for a high-severity remote code execution vulnerability (CVE-2026-45659) in SharePoint that may be exploited in low-complexity attacks. It affects the SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016. About CVE-2026-45659 CVE-2026-45659 stems from […]

High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659) Read More »

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities

CISA KEV, exploited, Microsoft, Patch Tuesday, SharePoint, Vulnerabilities, Zero-Day /

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities 2026-04-14 at 22:26 By Eduard Kovacs Experts say this is the second-largest Microsoft Patch Tuesday ever based on CVE count. The post Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities Read More »

CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963)

CISA, Don't miss, Hot stuff, Microsoft, News, SharePoint, vulnerability /

CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963) 2026-03-19 at 13:32 By Zeljka Zorz CVE-2026-20963, a remote code execution (RCE) SharePoint vulnerability Microsoft fixed in January 2026, is being exploited by attackers. The confirmation comes from the US Cybersecurity and Infrastructure Security Agency (CISA), which added the flaw to its Known Exploited Vulnerabilities

CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963) Read More »

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability

CISA KEV, exploited, SharePoint, Vulnerabilities, vulnerability /

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability 2026-03-19 at 12:02 By Eduard Kovacs The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild. The post CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability Read More »

Energy sector orgs targeted with AiTM phishing campaign

Don't miss, energy sector, Hot stuff, Microsoft, MITM, News, phishing, SharePoint /

Energy sector orgs targeted with AiTM phishing campaign 2026-01-22 at 15:19 By Zeljka Zorz Organizations in the energy sector are being targeted with phishing emails aimed at compromising enterprise accounts, Microsoft warns. The attack campaign The attacks started with phishing emails with “NEW PROPOSAL – NDA” in the subject line, coming from a compromised email

Energy sector orgs targeted with AiTM phishing campaign Read More »

Croatian research institute confirms ransomware attack via ToolShell vulnerabilities

Croatia, Don't miss, Europe, Hot stuff, News, Ransomware, SharePoint, vulnerability /

Croatian research institute confirms ransomware attack via ToolShell vulnerabilities 2025-08-13 at 18:01 By Zeljka Zorz The Ruđer Bošković Institute (RBI), the largest Croatian science and technology research institute, has confirmed that it was the one of “at least 9,000 institutions worldwide” that were attacked using the Microsoft SharePoint “ToolShell” vulnerabilities. The attack happened on Thursday,

Croatian research institute confirms ransomware attack via ToolShell vulnerabilities Read More »

Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779)

Akamai, Don't miss, Hot stuff, Immersive, Microsoft, MS Office, News, Patch Tuesday, SharePoint, Tenable, Trend Micro /

Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779) 2025-08-13 at 15:20 By Zeljka Zorz For August 2025 Patch Tuesday, Microsoft has released security updates resolving 100+ security vulnerabilities in its various solutions, including a relative path traversal flaw in Windows Kerberos (CVE-2025-53779) that allows an authorized attacker to elevate privileges over a network as part of a

Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779) Read More »

August 2025 Patch Tuesday forecast: Try, try, again

apple, Don't miss, Expert analysis, Google, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday, SharePoint /

August 2025 Patch Tuesday forecast: Try, try, again 2025-08-08 at 09:30 By Help Net Security July turned into a surprisingly busy month. It started slowly with a fairly ‘calm’ Patch Tuesday as I forecasted in my last blog. Although there were 130 new CVEs addressed across all the Microsoft releases, there was only one publicly

August 2025 Patch Tuesday forecast: Try, try, again Read More »

Storm-2603 spotted deploying ransomware on exploited SharePoint servers

0-day, Check Point, Don't miss, exploit, Hot stuff, Microsoft, News, SANS ISC, SharePoint, vulnerability /

Storm-2603 spotted deploying ransomware on exploited SharePoint servers 2025-07-24 at 19:03 By Zeljka Zorz One of the groups that, in the past few weeks, has been exploiting vulnerabilities in on-prem SharePoint installation has been observed deploying Warlock ransomware, Microsoft shared on Wednesday. First attack spotted on July 7th On Saturday, Microsoft announced that attackers have

Storm-2603 spotted deploying ransomware on exploited SharePoint servers Read More »

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

China APT, exploited, Government, Malware & Threats, Microsoft, SharePoint, ToolShell, vulnerability /

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named 2025-07-24 at 12:35 By Eduard Kovacs More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors. The post ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named Read More »

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch

China APT, exploited, Malware & Threats, Microsoft, SharePoint, ToolShell, Zero-Day /

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch 2025-07-22 at 20:47 By Eduard Kovacs Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days. The post Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch appeared first on SecurityWeek. This article is an excerpt

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch Read More »

Microsoft pins on-prem SharePoint attacks on Chinese threat actors

Check Point, China, Don't miss, exploit, Eye Security, Hot stuff, News, Palo Alto Networks, Rapid7, SentinelOne, SharePoint, Trend Micro, vulnerability /

Microsoft pins on-prem SharePoint attacks on Chinese threat actors 2025-07-22 at 18:54 By Zeljka Zorz As Microsoft continues to update its customer guidance for protecting on-prem SharePoint servers against the latest in-the-wild attacks, more security firms have begun sharing details about the ones they have detected. Most intriguingly, Check Point Research says that they observed

Microsoft pins on-prem SharePoint attacks on Chinese threat actors Read More »

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets

China, China APT, exploited, Featured, Malware & Threats, SharePoint, ToolShell, Vulnerabilities, Zero-Day /

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets 2025-07-22 at 11:44 By Eduard Kovacs More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities. The post ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets appeared first on SecurityWeek.

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets Read More »

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers

exploited, SharePoint, ToolShell, Vulnerabilities, Zero-Day /

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers 2025-07-21 at 12:50 By Eduard Kovacs Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771. The post Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers Read More »

Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770)

0-day, CISA, Don't miss, exploit, Eye Security, Hot stuff, Microsoft, News, Palo Alto Networks, SharePoint /

Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770) 2025-07-21 at 00:02 By Zeljka Zorz Attackers are exploiting a zero-day variant (CVE-2025-53770) of a SharePoint remote code execution vulnerability (CVE-2025-49706) that Microsoft patched earlier this month, the company has confirmed on Saturday. CVE-2025-53770 is being leveraged to place a backdoor on vulnerable

Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770) Read More »

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available

CVE-2025-53770, exploit, Featured, Microsoft, SharePoint, Threat Intelligence, Vulnerabilities, vulnerability /

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available 2025-07-20 at 17:16 By Mike Lennon Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately. The post SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available Read More »

Microsoft fixes critical wormable Windows flaw (CVE-2025-47981)

Don't miss, Hot stuff, Ivanti, Microsoft Edge, MS Office, News, Patch Tuesday, Qualys, SharePoint, Tenable, Trend Micro, Windows, Windows Server /

Microsoft fixes critical wormable Windows flaw (CVE-2025-47981) 2025-07-09 at 14:31 By Zeljka Zorz For July 2025 Patch Tuesday, Microsoft has released patches for 130 vulnerabilities, among them one that’s publicly disclosed (CVE-2025-49719) and a wormable RCE bug on Windows and Windows Server (CVE-2025-47981). CVE-2025-49719 and CVE-2025-49717, in Microsoft SQL Server CVE-2025-49719 is an uninitialized memory

Microsoft fixes critical wormable Windows flaw (CVE-2025-47981) Read More »

Patch Tuesday: Microsoft fixes 5 actively exploited zero-days

Don't miss, Hot stuff, Immersive, Microsoft, Microsoft Edge, News, Patch Tuesday, SharePoint, Tenable, Trend Micro /

Patch Tuesday: Microsoft fixes 5 actively exploited zero-days 2025-05-13 at 23:00 By Zeljka Zorz On May 2025 Patch Tuesday, Microsoft has released security fixes for 70+ vulnerabilities, among them five actively exploited zero-days and two publicly disclosed (but not exploited) vulnerabilities. The zero-days and the publicly disclosed flaws Among the zero-days patched is a memory

Patch Tuesday: Microsoft fixes 5 actively exploited zero-days Read More »

Exploited: Cisco, SharePoint, Chrome vulnerabilities

brute-force, Chrome, CISA, Cisco, Don't miss, enterprise, exploit, Hot stuff, Kaspersky, News, PoC, SharePoint, vulnerability /

Exploited: Cisco, SharePoint, Chrome vulnerabilities 2024-10-25 at 13:33 By Zeljka Zorz Threat actors have been leveraging zero and n-day vulnerabilities in Cisco security appliances (CVE-2024-20481), Microsoft Sharepoint (CVE-2024-38094), and Google’s Chrome browser (CVE-2024-4947). CVE-2024-20481 (Cisco ASA/FTD) In the past few days, Cisco has released fixes for a slew of vulnerabilities affecting the software powering its

Exploited: Cisco, SharePoint, Chrome vulnerabilities Read More »

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes

0-day, CVE, Don't miss, Elastic, Hot stuff, Immersive Labs, News, Patch Tuesday, SharePoint, Tenable, Trend Micro, vulnerability, Windows /

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes 2024-09-10 at 22:46 By Zeljka Zorz September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by attackers in the wild, and a Windows 10 code defect

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes Read More »

Scroll to Top