Latest Tech News

Stay updated with the latest in technology, AI, cybersecurity, and more

Filtered by: sharepoint Clear Filter

Microsoft fixes SharePoint zero-day exploits used in cyberattacks and ransomware - how to patch them

zdnet.com Lance Whitney 2025-12-25 08:32:00

Kiryl Pro motion / Getty Images Microsoft has patched three critical zero-day SharePoint security flaws that hackers have already exploited to attack more vulnerable organizations. Responding to the exploits, the software giant initially issued fixes just for SharePoint Server Subscription Edition and SharePoint Server 2019, and then eventually rolled out a patch for SharePoint Server 2016 as well. Designated as CVE‑2025‑53771 and CVE‑2025‑53770, the two vulnerabilities apply only to on‑premis

Topics: 2025 microsoft security server sharepoint
Read More
Shop Amazon

Microsoft Put Older Versions of SharePoint on Life Support. Hackers Are Taking Advantage

wired.com Lily Hay Newman 2025-12-26 21:59:20

Hundreds of organizations around the world suffered data breaches this week, as an array of hackers rushed to exploit a recently discovered vulnerability in older versions of the Microsoft file-sharing tool known as SharePoint. The string of breaches adds to an already urgent and complex dynamic: Institutions that are longtime SharePoint users can face increased risk by continuing to use the service, just as Microsoft is winding down support for a platform in favor of newer cloud offerings. Mic

Topics: microsoft organizations security server sharepoint
Read More
Shop Amazon

What to know about ToolShell, the SharePoint threat under mass exploitation

arstechnica.com Unknown 2025-12-27 08:14:40

Government agencies and private industry have been under siege over the past four days following the discovery that a critical vulnerability in SharePoint, the widely used document-sharing app made by Microsoft, is under mass exploitation. Since that revelation, the fallout and the ever-increasing scope of the attacks have been hard to keep track of. What follows are answers to some of the most common questions about the vulnerability and the ongoing exploitation of it, which collectively is be

Topics: exploitation microsoft security sharepoint vulnerability
Read More
Shop Amazon

Microsoft fixes three SharePoint zero-day exploits used in series of cyberattacks - how to patch them

zdnet.com Lance Whitney 2025-12-27 17:36:00

Olemedia / Getty Images Microsoft has patched three critical zero-day SharePoint security flaws that have already been exploited by hackers to attack a larger number of vulnerable organizations. Responding to the exploits, the software giant initially issued fixes just for SharePoint Server Subscription Edition and SharePoint Server 2019 and then eventually rolled out a patch for SharePoint Server 2016 as well. Designated as CVE-2025-53771 and CVE-2025-53770, the two vulnerabilities apply only

Topics: 2025 microsoft security server sharepoint
Read More
Shop Amazon

Microsoft fixes two SharePoint zero-days under attack, but one is still unresolved - how to patch

zdnet.com Lance Whitney 2025-12-28 12:23:00

Olemedia / Getty Images Microsoft has patched two critical zero-day SharePoint security flaws that have already been exploited by hackers to attack vulnerable organizations. Responding to the exploits, the software giant has issued fixes for SharePoint Server Subscription Edition and SharePoint Server 2019, but is still working on a patch for SharePoint Server 2016. Designated as CVE-2025-53771 and CVE-2025-53770, the two vulnerabilities apply only to on-premises versions of SharePoint, so org

Topics: 2025 microsoft security server sharepoint
Read More
Shop Amazon

Hundreds of organizations breached by SharePoint mass-hacks

techcrunch.com Zack Whittaker 2025-12-28 17:32:09

Security researchers say hackers have breached at least 400 organizations by exploiting a zero-day vulnerability in Microsoft SharePoint, signalling a sharp rise in the number of detected compromises since the bug was discovered last week. Eye Security, a Dutch cybersecurity firm that first identified the vulnerability in SharePoint, a popular server software that companies use to store and share internal documents, said it had identified hundreds of affected SharePoint servers by scanning the

Topics: affected bug exploiting sharepoint vulnerability
Read More
Shop Amazon

US nuclear weapons agency breached using Microsoft SharePoint hack

engadget.com Unknown 2025-12-28 22:00:27

The US government agency in charge of designing and maintaining nuclear weapons was among those breached by a hack of Microsoft's SharePoint server software, Bloomberg reported. However, attackers weren't able to obtain any sensitive or classified information, according to an unnamed source with knowledge of the matter. The breach occurred at the National Nuclear Security Administration, an arm of the Energy Department responsible for producing and dismantling nuclear arms. "On Friday, July 18t

Topics: department microsoft nuclear sharepoint systems
Read More
Shop Amazon

US agency responsible for nuclear weapons was breached in Sharepoint hack [U]

9to5mac.com Ben Lovejoy 2025-12-29 09:30:47

More than 10,000 organizations around the world are at risk from hackers after a serious security flaw was discovered in Microsoft’s popular Sharepoint platform, used to store and share confidential documents. The majority of companies at risk are said to be in the US. Update: Bloomberg reports that the National Nuclear Security Administration was among the organizations breached – see the end of the piece … Microsoft said that there were “active attacks targeting on-premises servers.” US fede

Topics: microsoft organizations said security sharepoint
Read More
Shop Amazon

US nuclear weapons agency reportedly breached in Microsoft SharePoint attacks

theverge.com Tom Warren 2025-12-29 05:24:26

is a senior editor and author of Notepad , who has been covering all things Microsoft, PC, and tech for over 20 years. Hours after Microsoft revealed hacking groups affiliated with the Chinese government have been exploiting a flaw in its SharePoint software, Bloomberg News reports that the National Nuclear Security Administration has also been breached in the attacks. A single source tells Bloomberg that the department, which provides the Navy with nuclear reactors for submarines, was caught

Topics: bloomberg exploit impacted microsoft sharepoint
Read More
Shop Amazon

Microsoft servers hacked by Chinese groups, says tech giant

feeds.bbci.co.uk Unknown 2025-12-29 04:53:31

Microsoft servers hacked by Chinese groups, says tech giant "Investigations into other actors also using these exploits are still ongoing," Microsoft said in a statement. The US tech giant has released security updates in response and has advised all on-premises SharePoint server customers to install them. China state-backed Linen Typhoon and Violet Typhoon as well as China-based Storm-2603 were said to have "exploited vulnerabilities" in on-premises SharePoint servers, the kind used by firms

Topics: carmakal china microsoft said sharepoint
Read More
Shop Amazon

Microsoft servers hacked by Chinese groups, firm says

feeds.bbci.co.uk Unknown 2025-12-29 10:53:31

Microsoft servers hacked by Chinese groups, firm says "Investigations into other actors also using these exploits are still ongoing," Microsoft said in a statement. The US tech giant has released security updates in response and has advised all on-premises SharePoint server customers to install them. China state-backed Linen Typhoon and Violet Typhoon as well as China-based Storm-2603 were said to have "exploited vulnerabilities" in on-premises SharePoint servers, the kind used by firms, but

Topics: carmakal firm microsoft said sharepoint
Read More
Shop Amazon

Microsoft links Sharepoint ToolShell attacks to Chinese hackers

bleepingcomputer.com Unknown 2025-12-29 16:26:06

Several hacking groups with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft SharePoint zero-day vulnerability chain. They used this exploit chain (dubbed "ToolShell") to breach dozens of organizations worldwide after hacking into their on-premise SharePoint servers. "Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon exploiting these vulnerabilities targeting internet-facing SharePoint serv

Topics: actors exploiting microsoft sharepoint vulnerabilities
Read More
Shop Amazon

Microsoft says Chinese hacking groups are behind SharePoint attacks

theverge.com Jess Weatherbed 2025-12-30 22:13:36

Some of the attacks that targeted organizations using an exploit in Microsoft’s SharePoint server platform over the last few days have been linked to hacking groups affiliated with the Chinese government, according to a new Microsoft security blog. “As of this writing, Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting these vulnerabilities targeting internet-facing SharePoint servers,” Microsoft said on Tuesday. “In addition, we have obse

Topics: actors microsoft security sharepoint using
Read More
Shop Amazon

Microsoft says Chinese hacking groups exploited SharePoint vulnerability in attacks

cnbc.com Jordan Novet 2025-12-31 03:31:48

Microsoft CEO Satya Nadella speaks during an event commemorating the 50th anniversary of the company at Microsoft headquarters in Redmond, Washington, on April 4, 2025. Microsoft Corp., determined to hold its ground in artificial intelligence, will soon let consumers tailor the Copilot digital assistant to their own needs. Microsoft on Tuesday said Chinese hacking groups were part of the recent attacks on its SharePoint collaboration software. As early as July 7, the Chinese nation-state actor

Topics: company microsoft said sharepoint software
Read More
Shop Amazon

Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day

techcrunch.com Zack Whittaker 2025-12-31 08:45:08

Security researchers at Google and Microsoft say they have evidence that hackers backed by China are exploiting a zero-day bug in Microsoft SharePoint, as companies around the world scramble to patch the flaw. The bug, known officially as CVE-2025-53770 and discovered last weekend, allows hackers to steal sensitive private keys from self-hosted versions of SharePoint, a software server widely used by companies and organizations to store and share internal documents. Once exploited, an attacker

Topics: china disrupt hacking microsoft sharepoint
Read More
Shop Amazon

Microsoft links Sharepoint attacks to Chinese hacking groups

bleepingcomputer.com Unknown 2025-12-31 10:26:06

Several hacking groups with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft SharePoint zero-day vulnerability chain. They used this exploit chain (dubbed "ToolShell") to breach dozens of organizations worldwide after hacking into their on-premise SharePoint servers. "Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon exploiting these vulnerabilities targeting internet-facing SharePoint serv

Topics: 2025 actors cve microsoft sharepoint
Read More
Shop Amazon

Microsoft Sharepoint ToolShell attacks linked to Chinese hackers

bleepingcomputer.com Unknown 2026-01-01 04:26:06

Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft SharePoint zero-day vulnerability chain. They used this exploit chain (dubbed "ToolShell") to breach dozens of organizations worldwide after hacking into their on-premise SharePoint servers. "We assess that at least one of the actors responsible for this early exploitation is a China-nexus threat actor. It's critical to understand that multiple actors are now actively explo

Topics: 2025 actors cve microsoft sharepoint
Read More
Shop Amazon

SharePoint vulnerability with 9.8 severity rating under exploit across globe

arstechnica.com Unknown 2026-01-02 03:30:09

Authorities and researchers are sounding the alarm over the active mass exploitation of a high-severity vulnerability in Microsoft SharePoint Server that’s allowing attackers to make off with sensitive company data, including authentication tokens used to access systems inside networks. Researchers said anyone running an on-premises instance of SharePoint should assume their networks are breached. The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 1

Topics: 2025 cve microsoft sharepoint vulnerability
Read More
Shop Amazon

Hackers exploiting SharePoint zero-day seen targeting government agencies

techcrunch.com Lorenzo Franceschi-Bicchierai 2026-01-02 03:42:36

The hackers behind the initial wave of attacks exploiting a zero-day in Microsoft SharePoint servers have so far primarily targeted government organizations, according to researchers as well as news reports. Over the weekend U.S. cybersecurity agency CISA published an alert, warning that hackers were exploiting a previously unknown bug — known as a “zero-day” — in Microsoft’s enterprise data management product SharePoint. While it’s still early to draw definitive conclusions, it appears that th

Topics: cutler disrupt government hackers sharepoint
Read More
Shop Amazon

Microsoft hit with SharePoint attack affecting global businesses and governments

cnbc.com Annie Palmer 2026-01-02 22:15:02

A Microsoft store in New York, US, on Friday, Oct. 25, 2024. Microsoft has warned of "active attacks" targeting its SharePoint collaboration software, with security researchers noting that organizations worldwide stand to be affected by the breach. The Cybersecurity and Infrastructure Security Agency said Sunday in a release that the vulnerability provides unauthenticated access to systems and full access to SharePoint content, enabling bad actors to execute code over the network. CISA said t

Topics: access microsoft organizations said sharepoint
Read More
Shop Amazon

Microsoft hit with SharePoint attack — one version still vulnerable

cnbc.com Annie Palmer 2026-01-03 03:27:47

A Microsoft store in New York, US, on Friday, Oct. 25, 2024. Microsoft has warned of "active attacks" targeting its SharePoint collaboration software, with security researchers noting that organizations worldwide stand to be affected by the breach. The Cybersecurity and Infrastructure Security Agency said Sunday in a release that the vulnerability provides unauthenticated access to systems and full access to SharePoint content, enabling bad actors to execute code over the network. CISA said t

Topics: access microsoft organizations said sharepoint
Read More
Shop Amazon

Microsoft Fix Targets Attacks on SharePoint Zero-Day

krebsonsecurity.com Unknown 2026-01-03 03:45:46

On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the Sharepoint flaw to breach U.S. federal and state agencies, universities, and energy companies. In an advisory about the SharePoint security hole, a.k.a. CVE-2025-53770, Microsoft said it is aware of active attacks targeting on-premises SharePoint

Topics: 2025 cve microsoft servers sharepoint
Read More
Shop Amazon

Microsoft fixes two SharePoint zero-days under attack, but it's not over - how to patch

zdnet.com Lance Whitney 2026-01-03 03:05:25

sankai/Getty Microsoft has patched two critical zero-day SharePoint security flaws that have already been exploited by hackers to attack vulnerable organizations. Responding to the exploits, the software giant has issued fixes for SharePoint Server Subscription Edition and SharePoint Server 2019 but is still working on a patch for SharePoint Server 2016. Designated as CVE-2025-53771 and CVE-2025-53770, the two vulnerabilities apply only to on-premises versions of SharePoint, so organizations t

Topics: 2025 cve microsoft server sharepoint
Read More
Shop Amazon

Microsoft Sharepoint server vulnerability puts an estimated 10,000 organizations at risk

engadget.com Unknown 2026-01-03 12:00:06

A major zero-day security vulnerability in Microsoft's widely used SharePoint server software has been exploited by hackers, causing chaos within businesses and government agencies, multiple outlets have reported. Microsoft announced that it had released a new security patch "to mitigate active attacks targeting on-premises [and not online] servers," but the breach has already effected universities, energy companies, federal and state agencies and telecommunications firms. The SharePoint flaw i

Topics: flaw hackers microsoft security sharepoint
Read More
Shop Amazon

New zero-day bug in Microsoft SharePoint under widespread attack

techcrunch.com Zack Whittaker 2026-01-03 12:50:00

The U.S. federal government and cybersecurity researchers say a newly discovered security bug found in Microsoft’s SharePoint is under attack. U.S. cybersecurity agency CISA sounded the alarm this weekend that hackers were actively exploiting the bug. Microsoft has not yet provided patches for all affected SharePoint versions, leaving customers across the world largely unable to defend against the ongoing intrusions. Microsoft said the bug, known officially as CVE-2025-53771, affects versions

Topics: bug hackers microsoft servers sharepoint
Read More
Shop Amazon

10,000+ companies at risk from Microsoft Sharepoint security flaw

9to5mac.com Ben Lovejoy 2026-01-03 23:49:12

More than 10,000 organizations around the world are at risk from hackers after a serious security flaw was discovered in Microsoft’s popular Sharepoint platform, used to store and share confidential documents. The majority of companies at risk are said to be in the US … Microsoft said that there were “active attacks targeting on-premises servers.” US federal and state agencies are among the organizations said to have been affected. Security researchers cited by Bloomberg said that the vulnerab

Topics: hackers organizations said security sharepoint
Read More
Shop Amazon

Microsoft SharePoint servers are under attack because of a major security flaw

theverge.com Jess Weatherbed 2026-01-03 21:01:03

Hackers have exploited vulnerabilities in Microsoft’s SharePoint software, placing tens of thousands of on-premises servers used by global businesses and agencies at risk. Microsoft issued an alert on Saturday disclosing that it was aware of “active attacks,” and that it was working to patch the zero-day exploit. Researchers at Eye Security first identified the vulnerability on July 18th, which allows hackers to access certain on-premises versions of SharePoint and steal keys that can let them

Topics: exploit hackers microsoft servers sharepoint
Read More
Shop Amazon

Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks

bleepingcomputer.com Unknown 2026-01-03 21:41:46

Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in "ToolShell" attacks. In May, during the Berlin Pwn2Own hacking contest, researchers exploited a zero-day vulnerability chain called "ToolShell," which enabled them to achieve remote code execution in Microsoft SharePoint. These flaws were fixed as part of the July Patch Tuesday updates; However, threat actors were

Topics: 2025 cve microsoft sharepoint update
Read More
Shop Amazon

Microsoft SharePoint zero-day exploited in RCE attacks, no patch available

bleepingcomputer.com Unknown 2026-01-03 17:40:06

A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide. In May, Viettel Cyber Security researchers chained two Microsoft SharePoint flaws, CVE-2025-49706 and CVE-2025-49704, in a "ToolShell" attack demonstrated at Pwn2Own Berlin to achieve remote code execution. While Microsoft patched both ToolShell flaws as part of the July Patch T

Topics: 2025 cve microsoft security sharepoint
Read More
Shop Amazon

Microsoft investigates ongoing SharePoint Online access issues

bleepingcomputer.com Unknown 2026-02-04 12:53:43

​Microsoft is investigating an ongoing incident causing intermittent issues for users attempting to access SharePoint Online sites. Part of the Microsoft 365 suite, SharePoint Online is a cloud-based collaboration and document management platform that allows users to create websites, store and share documents, and collaborate on content over the Internet. As the company announced earlier today in an incident alert published in the message center, users are seeing "Something went wrong" errors

Topics: incident microsoft online sharepoint users
Read More
Shop Amazon
Trending Topics
Hot Now
ai 3583 apple 2975 new 2359 google 1991 content 1710
Popular
like 1476 company 1408 pro 1305 iphone 1128 app 1113 zdnet 1094 said 1043 data 1036 does 896 reviews 882
Emerging
editorial 861 amazon 854 game 800 samsung 764 phone 756 pixel 754 android 730 just 712 available 680 users 676
About GoKawiil

GoKawiil is a project by nerdhub.co that curates technology news from trusted sources. We built this site to provide a cleaner, more mobile-friendly experience without intrusive ads or heavy JavaScript.

Privacy

Your privacy matters. GoKawiil doesn't use Google Analytics or Facebook Pixel. The only tracking occurs through affiliate links to Amazon.

Advertising

Interested in advertising? Contact us at [email protected]