Krebs on Security

Microsoft Fix Targets Attacks on SharePoint Zero-Day

On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch ...
Forbes

Microsoft Confirms Global SharePoint Attack — Emergency Update Issued

Update, July 21, 2025: This story, originally published on July 20, has been updated to include additional expert comments regarding the global zero-day attack impacting Microsoft on-premise ...
ZDNet

Microsoft fixes SharePoint zero-day exploits used in cyberattacks and ransomware - how to patch them

Microsoft has patched three critical zero-day SharePoint security flaws that hackers have already exploited to attack more vulnerable organizations. Responding to the exploits, the software giant ...
Bleeping Computer

Microsoft SharePoint zero-day exploited in RCE attacks, no patch available

Update 7/21/25: Added links to the security updates for Microsoft SharePoint 2019. Critical zero-day vulnerabilities in Microsoft SharePoint, tracked as CVE-2025-53770 and CVE-2025-53771, have been ...
TechCrunch

New zero-day bug in Microsoft SharePoint under widespread attack

The U.S. federal government and cybersecurity researchers say a newly discovered security bug found in Microsoft’s SharePoint is under attack. U.S. cybersecurity agency CISA sounded the alarm this ...
CRN

Microsoft SharePoint Server Attacks Are ‘Close-To-Worst-Case Scenario:’ Researcher

Cyberattacks exploiting zero-day vulnerabilities in on-premises SharePoint Servers have so far led to ‘widespread impact across hundreds of organizations,’ according to a researcher at cybersecurity ...
CSOonline

Microsoft SharePoint zero-day breach hits on-prem servers

CISA has mandated immediate mitigation for federal agencies, while analysts urge enterprises to accelerate cloud migration and implement live threat detection. Attackers are exploiting a previously ...