Microsoft SharePoint zero-day exploited in RCE attacks, no patch available
Lawrence Abrams
July 20, 2025
11:40 AM
0
A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide.
In May, Viettel Cyber Security researchers chained two Microsoft SharePoint flaws,CVE-2025-49706andCVE-2025-49704, in a "ToolShell" attack demonstrated at Pwn2Own Be...
SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available
SecurityWeek
9 hours ago
Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to for compromise immediately....