News

VMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin
VMware fixed four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools that were exploited as zero-days during the ...
SecurityWeek2d
Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch
Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell ...
Microsoft Put Older Versions of SharePoint on Life Support. Hackers Are Taking Advantage
Multiple hacking groups—including state actors from China—have targeted a vulnerability in older, on-premises versions of the ...
SecurityWeek7d
VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched
Four vulnerabilities disclosed at the Pwn2Own Berlin 2025 hacking competition have been patched in VMware products.
What to know about ToolShell, the SharePoint threat under mass exploitation
The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The ...
Chinese Hackers Are Exploiting Flaws in Widely Used Software, Microsoft Says
The company said state-backed hacking groups were breaching systems through flaws in SharePoint, which is used by the U.S.
Patch SharePoint Now: Microsoft Servers at Risk of New ToolShell RCE Attack
If exploited, attackers can gain full access to SharePoint content and potentially pivot to Outlook, Teams, and OneDrive.
Microsoft SharePoint zero-day exploited in RCE attacks, no patch available
Critical zero-day vulnerabilities in Microsoft SharePoint, tracked as CVE-2025-53770 and CVE-2025-53771, have been actively ...
ExtremeTech on MSN1d
Microsoft Tried—and Failed—to Fix SharePoint Security Flaw Earlier This Month
Though the vulnerability was first identified in May, it's taken more than two months for Microsoft to issue an effective fix ...
Microsoft SharePoint Servers in Thousands of Firms Targeted Using ToolShell Zero-Day Vulnerability
Unknown threat actors are using a weaponised version of an exploit showcased at Pwn2Own Berlin in May to target SharePoint ...
Critical Sharepoint security vulnerability: First patches are available
Microsoft has now released a patch, but attackers were not idle over the weekend. Dozens of SharePoint installations fell ...
htxt2d
On-prem SharePoint servers have a “potent and dangerous” vulnerability
A new vulnerability dubbed ToolShell is being used to compromise on-premise instances of Microsoft SharePoint servers.