News

What to know about ToolShell, the SharePoint threat under mass exploitation
The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The ...
SecurityWeek18h
Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch
Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell ...
The Hacker News10h
CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks
CISA flags Microsoft SharePoint flaws under active attack by Chinese hackers. U.S. agencies must patch by July 23 ...
US nuclear weapons agency reportedly hacked in SharePoint attacks
Unknown threat actors have reportedly breached the National Nuclear Security Administration's (NNSA) network in attacks ...
Microsoft knew of SharePoint security flaw but failed to effectively patch it, timeline shows
A security patch Microsoft (MSFT.O), opens new tab released this month failed to fully fix a critical flaw in the U.S. tech ...
Three Chinese groups identified as attackers on Sharepoint servers
An analysis by Microsoft names three different groups from China as the attackers of the latest Sharepoint vulnerability. But ...
GovInfoSecurity7h
US Nuclear Agency Breach Tied to SharePoint Zero-Days
The U.S. government agency that maintains and designs America's nuclear weapons was reportedly breached by attackers ...
SharePoint hacking campaign affects hundreds of systems worldwide
The global hacking campaign linked to the ToolShell vulnerability in Microsoft SharePoint has compromised hundreds of systems across the globe, according to security researchers. The Shadowserver ...
US nuclear weapons agency hacked in Microsoft SharePoint attacks
Unknown threat actors have breached the National Nuclear Security Administration's network in attacks exploiting a recently ...
Microsoft’s Security Patch Misfire Exposes Its Server Flaw to Global Cyber Espionage Campaign Linked to China
A botched security patch by Microsoft has left its widely-used SharePoint Server exposed to a critical vulnerability—fueling ...
Attacks on Microsoft Sharepoint: What admins need to do after patching
Closing the gaps is not enough against the current toolshell attacks. After all, attackers could already be inside. We show ...
Microsoft fixes two SharePoint zero-days under attack, but one is still unresolved - how to patch
Microsoft has pointed the finger at three Chinese nation-state actors. Here's what we know, plus how to guard against future ...