Tag

Sharepoint

All articles tagged with #sharepoint

technology1 month ago•3 min saved

Unpatched SharePoint spoofing flaw leaves 1,300+ servers at risk

More than 1,300 publicly reachable Microsoft SharePoint servers remain unpatched for CVE-2026-32201, a spoofing vulnerability that was exploited as a zero-day and can let attackers view and alter sensitive data without user interaction. The bug affects SharePoint Server 2016, 2019, and Subscription Edition; Microsoft issued patches in the April 2026 Patch Tuesday, but Shadowserver reports fewer than 200 systems updated so far. CISA added the flaw to its Known Exploited Vulnerabilities catalog and ordered FCEB agencies to patch within two weeks, while Microsoft has not tied attacks to a specific actor. The vulnerability impacts confidentiality and integrity, not availability.

via BleepingComputer|

#cve-2026-32201 #patch-tuesday #sharepoint

cybersecurity1 month ago•4 min saved

Microsoft Rolls Out Record Patch Tuesday: 169 Fixes Including SharePoint Zero-Day Exploited in the Wild

Microsoft released a record Patch Tuesday with 169 fixes across its products, highlighted by a SharePoint Server zero-day (CVE-2026-32201) that is actively exploited in the wild. The bundle also patches a Defender privilege-escalation flaw (CVE-2026-33825) tied to BlueHammer and a high-risk IKEv2 remote-code-execution issue (CVE-2026-33824) rated 9.8, along with extensive Edge updates and other critical/important vulnerabilities. Some of the flaws are listed in the CISA KEV catalog, triggering remediation deadlines for government agencies (by April 28, 2026).

via The Hacker News|

#cybersecurity #defender #ikev2

technology5 months ago•1 min saved

Microsoft Announces Global Security Mode Rollout for 2026

Microsoft is deploying Baseline Security Mode across Microsoft 365 tenants to centralize security policies for Office, SharePoint, Exchange, Teams, and Entra, helping administrators assess vulnerabilities, enforce policies, and improve security posture with minimal disruption, with full rollout expected by late January 2026.

via CybersecurityNews|

#baseline-security-mode #microsoft #office

technology9 months ago•5 min saved

Microsoft's August 2025 Patch Tuesday Addresses 111 Flaws and Critical Vulnerabilities

Microsoft's August Patch Tuesday addresses 111 issues, including 12 critical vulnerabilities with remote code execution risks, notably in Windows, SharePoint, and Office. Adobe also released patches for 68 CVEs across its products. Other tech giants like SAP, Intel, and Google issued updates fixing multiple vulnerabilities, emphasizing ongoing cybersecurity efforts. Despite no active exploits reported, the severity of these flaws warrants prompt patching to prevent potential attacks.

via theregister.com|

#critical-bugs #microsoft #security-patches

cybersecurity10 months ago•29 min saved

Weekly Cybersecurity Recap: SharePoint Breach, Threat Actor Tools, and Global Attacks

This weekly cybersecurity recap highlights ongoing threats including Chinese-backed SharePoint zero-days, North Korean IT worker schemes, malware campaigns targeting cloud and crypto users, and law enforcement disruptions of cybercriminal groups, emphasizing the evolving landscape of trust-based attacks and the importance of proactive defense measures.

via The Hacker News|

#cyberattack #cybersecurity #malware

technology10 months ago•5 min saved

Microsoft Investigates SharePoint Breach and Ransomware Threats

Microsoft is investigating whether a leak from its early alert system for cybersecurity partners, specifically the Microsoft Active Protections Program (MAPP), allowed Chinese hackers to exploit vulnerabilities in SharePoint before they were patched. The breach has affected over 400 entities worldwide, with suspected involvement of Chinese state-sponsored groups. Past incidents suggest potential leaks from the MAPP program, raising concerns about security and transparency, especially given Chinese laws requiring rapid vulnerability reporting and the involvement of Chinese companies in government-linked vulnerability programs.

via Bloomberg.com|

#chinese-hackers #cybersecurity #microsoft

security10 months ago•2 min saved

Microsoft SharePoint Vulnerabilities Exploited in Widespread Ransomware Attacks

Microsoft reports that the threat group Storm-2603, suspected to be China-based, is exploiting SharePoint vulnerabilities (CVE-2025-49706 and CVE-2025-49704) to deploy Warlock ransomware, using web shells, credential harvesting, and lateral movement techniques. Users are advised to update SharePoint, apply security patches, and implement security best practices to mitigate the threat.

via The Hacker News|

#exploitation #ransomware #security

security10 months ago•2 min saved

Microsoft Investigates SharePoint Vulnerabilities Exploited in Ransomware Attacks

A China-based hacking group, Storm-2603, is exploiting vulnerabilities in Microsoft SharePoint servers to deploy Warlock ransomware, affecting over 420 servers globally and targeting various U.S. government agencies and organizations, with Microsoft urging immediate security updates.

via BleepingComputer|

#cyberattack #exploits #ransomware

technology10 months ago•2 min saved

Microsoft SharePoint Vulnerabilities Exploited in Global Cyberattacks

Microsoft announced that a cyber-espionage group called Storm-2603 is exploiting vulnerabilities in SharePoint server software to deploy ransomware, leading to at least 400 known victims including U.S. government agencies, marking a significant escalation in the campaign.

via Reuters|

#cyber-espionage #hacking #microsoft

world10 months ago•2 min saved

Microsoft SharePoint Hack Hits 400 Victims, DHS and Agencies Affected

The Department of Homeland Security was affected by a cyberattack exploiting a zero-day vulnerability in Microsoft SharePoint, with multiple federal agencies potentially compromised. The attack, linked to Chinese state-aligned groups, involved unpatched systems and targeted sensitive government information. Microsoft has issued patches, and authorities are assessing the scope of the breach.

via Nextgov/FCW|

#chinese-hacking #cybersecurity #dhs

technology10 months ago•1 min saved

Microsoft SharePoint Hack Affects U.S. Nuclear and Health Agencies

A cyber-espionage campaign exploiting vulnerabilities in Microsoft's SharePoint server software has affected around 400 organizations, up from 100, with many victims still undisclosed. The attack, linked to Chinese hackers, began after Microsoft failed to fully patch a security flaw, leading to widespread server compromises including at the NIH.

via Reuters|

#chinese-hackers #cybersecurity #microsoft

technology10 months ago•2 min saved

Federal Agencies and Organizations Hit by SharePoint and Microsoft Software Hacks

Hackers have exploited a zero-day vulnerability in Microsoft SharePoint, breaching at least 400 organizations including government agencies like the NNSA, allowing remote code execution and data access. Microsoft has issued patches, but the attack highlights ongoing cybersecurity risks, especially from China-backed groups, with an increase in compromises expected.

via TechCrunch|

#cybersecurity #government #hacking

technology10 months ago•3 min saved

Microsoft's SharePoint Security Flaws and Global Cyber Threats

Microsoft knew of a critical SharePoint security flaw identified in May but released a patch that failed to fully fix it, leading to a global cyber espionage operation targeting around 100 organizations, with Chinese hacking groups exploiting the vulnerability despite Microsoft's efforts to patch it.

via Reuters|

#cyber-espionage #microsoft #patch-failure

technology10 months ago•1 min saved

Microsoft Links Chinese Hackers to SharePoint Vulnerability Exploits

Microsoft has identified Chinese hacking groups Linen Typhoon, Violet Typhoon, and Storm-2603 exploiting vulnerabilities in SharePoint Server, prompting security updates and urging immediate patching to prevent further attacks, which target organizations for espionage and intellectual property theft.

via Barron's|

#chinese-hackers #cybersecurity #microsoft

technology10 months ago•1 min saved

Microsoft Faces Rising Threats from Chinese Hackers Exploiting SharePoint Vulnerabilities

Microsoft has linked recent SharePoint server attacks to Chinese state-affiliated hacking groups, with vulnerabilities exploited to access sensitive data. Microsoft released patches for affected SharePoint versions, as investigations continue into ongoing threats from these groups, including Linen Typhoon, Violet Typhoon, and Storm-2603.

via The Verge|

#chinese-hacking-groups #cybersecurity #microsoft