Update, July 21, 2025: This story, originally published on July 20, has been updated to include additional expert comments regarding the global zero-day attack impacting Microsoft on-premise ...

Microsoft has released two emergency patches to address zero-day vulnerabilities that have been found in SharePoint RCE. Actively exploited in attacks, the two flaws (tracked as CVE-2025-53770 and CVE ...

Microsoft has issued two emergency updates after a vulnerability in Microsoft's SharePoint server software was exploited by hackers over the weekend to carry out attacks on businesses and U.S. federal ...

Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in "ToolShell" ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Every security team’s nightmare came true over the weekend: a ...

Over the last weekend, numerous cybersecurity agencies revealed new cybersecurity attacks targeting on-premises SharePoint Server customers by exploiting unpatched vulnerabilities. The CVE-2025-53770, ...