A top security researcher claims the massive SharePoint zero-day attack was fueled by a leak from a Microsoft partner program, giving hackers a critical head start.

Threat actors exploit SharePoint flaws to access internal systems, steal sensitive data, and carry out surveillance, ...

Microsoft is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to ...

Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code ...

Researcher Khoa Dinh originally discovered the attack chain, and earlier this month, Code White GmbH was able to reproduce ...

Microsoft has confirmed that vulnerabilities in its on-premises SharePoint Server installations, a network spoofing vulnerability (CVE-202549706), ...

It's not just data theft. A China-based hacking group is using a flaw in vulnerable SharePoint servers to deliver ransomware, ...

Let the games begin Ransomware has officially entered the Microsoft SharePoint exploitation ring.… Late Wednesday, in an ...

Department of Homeland Security headquarters, several of its agencies and the Department of Health and Human Services have ...

A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks ...

Multiple hacking groups—including state actors from China—have targeted a vulnerability in older, on-premises versions of the ...

The active exploitation of a zero-day vulnerability in Microsoft SharePoint has led to a sweeping cyberattack involving over 100 organizations, including the U.S. National Nuclear Security ...