News

Patch SharePoint Now: Microsoft Servers at Risk of New ToolShell RCE Attack

If exploited, attackers can gain full access to SharePoint content and potentially pivot to Outlook, Teams, and OneDrive.

Microsoft links Sharepoint ToolShell attacks to Chinese hackers

Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft ...
Computer Weekly1d

Patch ToolShell SharePoint zero-day immediately, says Microsoft

The active exploitation of a dangerous zero-day vulnerability chain in Microsoft SharePoint – which was disclosed over the ...
SecurityWeek1d

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets

More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the ...
SecurityWeek5h

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch

Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell ...
Computer Weekly22h

Chinese cyber spies among those linked to SharePoint attacks

Exploitation of the ToolShell RCE zero-day in Microsoft SharePoint continues to gather pace, with evidence emerging of ...
The Hacker News3h

CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks

CISA flags Microsoft SharePoint flaws under active attack by Chinese hackers. U.S. agencies must patch by July 23 ...

Microsoft SharePoint Servers in Thousands of Firms Targeted Using ToolShell Zero-Day Vulnerability

Unknown threat actors are using a weaponised version of an exploit showcased at Pwn2Own Berlin in May to target SharePoint ...

Microsoft issues patches for "ToolShell" vulnerable SharePoint Servers

Patches for two vulnerable editions of Microsoft's on-premises SharePoint Server collaboration tool are now available, with ...
Infosecurity Magazine19h

SharePoint 'ToolShell' Vulnerabilities Exploited by Chinese Nation-State Hackers

Microsoft has observed three China-based threat actors, Linen Typhoon, Violet Typhoon and Storm-2603, exploiting the ...

"We’re witnessing an urgent and active threat" — Microsoft SharePoint "ToolShell" vulnerability is being attacked globally

The term "zero-day" attack refers to when a previously unknown vulnerability is targeted. Tens of thousands of servers are ...

Update: New version of Sharepoint 2016 fixes toolshell vulnerability

Microsoft is following up and is also releasing a patch for the 2016 edition of Sharepoint. Admins should install this ...