Microsoft contained a major SharePoint security flaw, amid fresh questions about the future of its legacy on-premises software.

Microsoft is issuing an emergency fix to close off a vulnerability in Microsoft’s SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies.

A cyber-espionage campaign centered on vulnerable versions of Microsoft's server software now involves the deployment of ransomware, Microsoft said in a late Wednesday blog post.

Microsoft confirms Chinese hackers exploited a SharePoint flaw; Patches now available. Cloud-based Microsoft 365 not affected.

Two Chinese nation-state actors and one China-based threat actor have tried to exploit the vulnerability for weeks, Microsoft said.

Federal cybersecurity officials have issued a warning to Microsoft users about a security flaw allowing hackers to access to certain SharePoint systems.

A major security vulnerability in Microsoft's widely used Sharepoint server software has been exploited by hackers, causing chaos within businesses and government agencies.

This Alert was updated to reflect newly released information from Microsoft, and to correct the actively exploited Common Vulnerabilities and Exposures (CVEs), which have been confirmed as CVE-2025-49706,

Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft SharePoint zero-day vulnerability chain.

Microsoft has just disclosed a serious vulnerability in SharePoint (CVE-2025-53770) that allows unauthenticated attackers to remotely execute code

Microsoft has pointed the finger at three Chinese nation-state actors for exploiting the SharePoint vulnerabilities. Here's what we know about the security flaws and how to guard against future attacks.