SharePoint 0-Day RCE Vulnerability Actively Exploited in the Wild to Gain Full Server Access

Threat Level

80% Cybersecurity News 5 hours ago

A sophisticated cyberattack campaign targeting Microsoft SharePoint servers has been discovered exploiting a newly weaponized vulnerability chain dubbed “ToolShell,” enabling attackers to gain complete remote control over vulnerable systems without authentication. Eye Security, a Dutch cybersecurity firm, identified the active exploitation on July 18, 2025, revealing what security researchers describe as one of the most […]...

Continue Reading on Original Site

Recommended Articles

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Global Organizations

The Hacker News 36 minutes ago

A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an "active, large-scale" exploitation campaign. The zero-day flaw, tracked asCVE-2025-53770(CVSS score: ...

Malware Injected into 6 npm Packages After Maintainer Tokens Stolen in Phishing Attack

The Hacker News 48 minutes ago

Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing campaign designed to steal the project maintainers' npm tokens. The captured token...

Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers

The Hacker News 2 hours ago

A newly disclosed critical security flaw in CrushFTP has come under active exploitation in the wild. Assigned the CVE identifierCVE-2025-54309, the vulnerability carries a CVSS score of 9.0. "CrushFTP...

2025-07-20 - Cluster AI Daily Threat Brief

ThreatCluster 10 hours ago

# Daily Threat Intelligence Brief - July 20, 2025 ## Executive Summary Today's threat landscape is increasingly complex, with a notable rise in sophisticated phishing techniques and exploitation of ...

From Friction to Function: Optimising Onboarding in an Age of AML, AI and Rising Risk

Finextra Security 19 hours ago

From Friction to Function: Optimising Onboarding in an Age of AML, AI and Rising Risk Join this webinar, hosted in association with nCino, to the challenges of commercial onboarding, particularly in t...

Threat Intelligence

Ransomware 1

One

Vulnerabilities 1

RCE

Business Intelligence

Companies 1

Microsoft

Platforms 1

SharePoint

Information

Article ID: #3877
Published: 5 hours ago
Source: Cybersecurity News

Recommended Articles

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Global Organizations

Malware Injected into 6 npm Packages After Maintainer Tokens Stolen in Phishing Attack

Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers

2025-07-20 - Cluster AI Daily Threat Brief

From Friction to Function: Optimising Onboarding in an Age of AML, AI and Rising Risk

Save to Folder

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies