Microsoft, SharePoint
Digest more
Hackers have been exploiting two zero-day vulnerabilities in on-premises installations of Microsoft SharePoint to gain remote access, and steal cryptographic keys
The Register on MSN19h
Blame a leak for Microsoft SharePoint attacks, researcher insistsMAPP program to blame? A week after Microsoft told the world that its July software updates didn't fully fix a couple of bugs, which allowed miscreants to take over on-premises SharePoint servers and remotely execute code,
The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 10. It gives unauthenticated remote access to SharePoint Servers exposed to the Internet. Starting Friday,
State CISOs in North Carolina and Arizona said their teams began work immediately to ensure on-prem SharePoint systems were secure, following the recent disclosure of an active zero-day exploit.
Hours after Microsoft revealed hacking groups affiliated with the Chinese government have been exploiting a flaw in its SharePoint software, Bloomberg News reports that the National Nuclear Security Administration has also been breached in the attacks.
Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.