SharePoint 0-Day RCE Flaw Actively Exploited for Full Server Takeover
A devastating new SharePoint vulnerability is being actively exploited in large-scale attacks worldwide, enabling attackers to gain complete control of on-premise servers without authentication.
Security researchers at Eye Securitydiscoveredthe ongoing campaign on July 18, 2025, revealing a sophisticated exploit chain dubbed “ToolShell” that leverages previously demonstrated Pwn2Own vulnerabilities to achieve remote code execu...
Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers
SecurityWeek
10 hours ago
Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771....