Kaspersky’s Global Research and Analysis Team (GReAT) reveals that the recently exploited ToolShell vulnerabilities in Microsoft SharePoint originate from an incomplete fix for CVE-2020-1147, first ...

The ToolShell bugs are being exploited by cybercriminals and APT groups alike, with the US on the receiving end of 13 percent ...

Microsoft’s security analysts confirm that a number of cyber attacks on on-premise SharePoint Server users involve ransomware ...

Microsoft said Chinese actor Storm-2603 is deploying Warlock ransomware following the exploitation of vulnerabilities in ...

A July 8 fix for a critical SharePoint zero-day failed to stop active exploitation, enabling state-backed attackers to breach ...

Storm-2603 exploits SharePoint flaws to deploy Warlock ransomware, affecting 400+ victims. Microsoft urges mitigation.

Hackers are actively exploiting a critical SharePoint zero-day (CVE-2025-53770), hitting 400+ firms and institutions like the ...

A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks ...

Microsoft has pointed the finger at three Chinese nation-state actors for exploiting the SharePoint vulnerabilities. Here's what we know about the security flaws and how to guard against future ...

ESET Research has been monitoring intense attacks involving the recently discovered ToolShell zero-day vulnerabilities.

More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.

Microsoft warns of active attacks by Chinese hackers exploiting SharePoint flaws CVE-2025-49706 and CVE-2025-49704, urging urgent patching and mitigation steps.