Forbes

Microsoft Confirms Global SharePoint Attack — Emergency Update Issued

Update, July 21, 2025: This story, originally published on July 20, has been updated to include additional expert comments regarding the global zero-day attack impacting Microsoft on-premise ...
CNBC

Microsoft hit with SharePoint attack affecting global businesses and governments

Microsoft has alerted businesses and governments to "active attacks" on its popular SharePoint collaboration software. Patches have been issued for two versions of SharePoint software, while one ...
GeekWire

Microsoft contains SharePoint security wildfire, but questions linger about on-premises software

Editor’s note: This is a guest analysis from Christopher Budd, who previously spent a decade at the Microsoft Security Response Center (MSRC). Emergency security teams know summer weekends are made ...
Nextgov

DHS impacted in hack of Microsoft SharePoint products, people familiar say

Get the latest federal technology news delivered to your inbox. The Department of Homeland Security was affected by a broad intrusion into on-premises versions of Microsoft SharePoint, according to ...
Krebs on Security

Microsoft Fix Targets Attacks on SharePoint Zero-Day

On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch ...
ZDNet

Microsoft fixes SharePoint zero-day exploits used in cyberattacks and ransomware - how to patch them

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...
Bleeping Computer

Microsoft SharePoint RCE bug exploited to breach corporate network

A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access to corporate networks. CVE-2024-38094 is a ...
Bleeping Computer

Microsoft SharePoint zero-day exploited in RCE attacks, no patch available

Update 7/21/25: Added links to the security updates for Microsoft SharePoint 2019. Critical zero-day vulnerabilities in Microsoft SharePoint, tracked as CVE-2025-53770 and CVE-2025-53771, have been ...
Neowin

Hackers actively exploiting unpatched Microsoft SharePoint vulnerability CVE-2025-53770

A new critical vulnerability, CVE-2025-53770 (ToolShell), is being actively exploited to attack unpatched on-premises Microsoft SharePoint Servers. Over the last weekend, numerous cybersecurity ...
Wired

Microsoft Put Older Versions of SharePoint on Life Support. Hackers Are Taking Advantage

Hundreds of organizations around the world suffered data breaches this week, as an array of hackers rushed to exploit a recently discovered vulnerability in older versions of the Microsoft ...
Asianet Newsable on MSN

Microsoft SharePoint Under Attack, Thousands of Servers Hit; Firm Issues Security Patch

Microsoft has issued a warning to its business clients regarding active attacks exploiting vulnerabilities in on-premises SharePoint Servers. The vulnerability affects SharePoint 2010 and 2013 ...