Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell ...

There was a disturbance in the enterprise security world, and it started with a Pwn2Own Berlin. [Khoa Dinh] and the team at ...

Follow the MAPP A week after Microsoft told the world that its July software updates didn't fully fix a couple of bugs, which ...

AttackIQ has released a new emulation that compiles the Tactics, Techniques, and Procedures (TTPs) associated with the ...

The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The ...

Microsoft has now released a patch, but attackers were not idle over the weekend. Dozens of SharePoint installations fell ...

The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 10. It gives unauthenticated ...

Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771.

Multiple hacking groups—including state actors from China—have targeted a vulnerability in older, on-premises versions of the ...

If exploited, attackers can gain full access to SharePoint content and potentially pivot to Outlook, Teams, and OneDrive.

A new vulnerability dubbed ToolShell is being used to compromise on-premise instances of Microsoft SharePoint servers.

SharePoint flaws exploited in wild, no patch yet for 2016/2019 editions. Over 85 servers compromised globally since July 18.