CISA Warns of Chinese Hackers Exploiting SharePoint 0-Day Flaws in Active Exploitation

Threat Level

68% Cybersecurity News 16 hours ago Part of cluster #1289

CISA has issued an urgent alert regarding active exploitation of critical Microsoft SharePoint vulnerabilities by suspected Chinese threat actors. The attack campaign, dubbed “ToolShell,” leverages a vulnerability chain involving CVE-2025-49706 (network spoofing) and CVE-2025-49704 (remote code execution) to gain unauthorized access to on-premises SharePoint servers. The sophisticated attack enables malicious actors to achieve both unauthenticated […]...

Continue Reading on Original Site

Recommended Articles

Active Exploitation Against Adobe Commerce and Magento Through CVE-2022-24086/CVE-2022-24087

FortiGuard Threat Signal 21 hours ago

Threat Signal Report Active Exploitation Against Adobe Commerce and Magento Through CVE-2022-24086/CVE-2022-24087 Description UPDATE February 17:Added reference to CVE-2022-24087, which Adobe disclose...

Akira Ransomware Attack

FortiGuard Threat Signal 23 hours ago

Threat Signal Report Akira Ransomware Attack Description What is the Akira Ransomware Attack? The Akira ransomware attack has been actively and widely impacting businesses. According to CISA advisory,...

NextGen Healthcare Mirth Connect RCE

FortiGuard Threat Signal 23 hours ago

Threat Signal Report NextGen Healthcare Mirth Connect RCE Description What is the vulnerability? NextGen Healthcare Mirth Connect is vulnerable to unauthenticated remote code execution (CVE-2023-43208...

Ivanti Connect Secure and Policy Secure Gateways Zero-day Vulnerabilities

FortiGuard Threat Signal 23 hours ago

Threat Signal Report Ivanti Connect Secure and Policy Secure Gateways Zero-day Vulnerabilities Description What is the Vulnerability? Ivanti recently published an advisory on two vulnerabilities on Ja...

PaperCut Remote Code Execution Vulnerability Exploited in the Wild

FortiGuard Threat Signal 22 hours ago

Threat Signal Report PaperCut Remote Code Execution Vulnerability Exploited in the Wild Description UPDATE 04/26/2023:Updated protection section for IPS protection. FortiGuard Labs is aware that a rec...

Threat Intelligence

Attack Types 1

Remote Code Execution

Vulnerabilities 1

Remote Code Execution

Business Intelligence

Companies 1

Microsoft

Agencies 1

CISA

Platforms 1

SharePoint

Technical Indicators

CVEs 2

CVE-2025-49706 CVE-2025-49704

Information

Article ID: #4410
Published: 16 hours ago
Source: Cybersecurity News

Recommended Articles

Active Exploitation Against Adobe Commerce and Magento Through CVE-2022-24086/CVE-2022-24087

Akira Ransomware Attack

NextGen Healthcare Mirth Connect RCE

Ivanti Connect Secure and Policy Secure Gateways Zero-day Vulnerabilities

PaperCut Remote Code Execution Vulnerability Exploited in the Wild

Save to Folder

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies