Bleeping Computer

Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks

Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in "ToolShell" ...
Bleeping Computer

New SharePoint flaws help hackers evade detection when stealing files

Researchers have discovered two techniques that could enable attackers to bypass audit logs or generate less severe entries when downloading files from SharePoint. Microsoft SharePoint is a web-based ...