Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...

Microsoft has confirmed that vulnerabilities in its on-premises SharePoint Server installations, a network spoofing vulnerability (CVE-202549706), and a remote code execution vulnerability ...

A major zero-day security vulnerability in Microsoft's widely used SharePoint server software has been exploited by hackers, causing chaos within businesses and government agencies, multiple outlets ...

Authorities and researchers are sounding the alarm over the active mass exploitation of a high-severity vulnerability in Microsoft SharePoint Server that’s allowing attackers to make off with ...

A vulnerability in Microsoft’s SharePoint Server is under active review by threat intelligence researchers as some have found evidence that U.S. government systems have been exposed and potentially ...

Update, July 21, 2025: This story, originally published on July 20, has been updated to include additional expert comments regarding the global zero-day attack impacting Microsoft on-premise ...

The security update for SharePoint Server 2016 means that patches for ‘all supported versions of SharePoint’ are now available to protect against a pair of widely exploited vulnerabilities, the tech ...

The 107 vulnerabilities addressed in Microsoft’s monthly release of security fixes includes a pair of new SharePoint Server flaws. Microsoft released fixes Tuesday for 107 newly disclosed software ...

On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch ...

A zero-day vulnerability in Microsoft Corp.’s SharePoint with no known patch is being exploited in the wild as security researchers warn that attackers are actively compromising servers across ...

CISA has mandated immediate mitigation for federal agencies, while analysts urge enterprises to accelerate cloud migration and implement live threat detection. Attackers are exploiting a previously ...