CISA added CVE-2026-45659 SharePoint Server RCE to KEV following confirmed exploitation, requiring U.S. agencies to patch by ...
CISA warned on Wednesday that attackers have begun exploiting a high-severity Microsoft SharePoint remote code execution ...
Microsoft's prediction that attackers probably wouldn't rush to exploit a newly-patched SharePoint bug hasn't aged especially ...
CISA warns that attackers are exploiting Microsoft SharePoint vulnerability CVE-2026-45659, a high-severity remote code ...
Microsoft is retiring SharePoint Designer 2013, InfoPath, InfoPath Forms Services, and Remote Event Receivers across SharePoint Online.
Separate actors exploited the same exposure, creating overlapping intrusions that obscured detection and response.
Update, July 21, 2025: This story, originally published on July 20, has been updated to include additional expert comments regarding the global zero-day attack impacting Microsoft on-premise ...
Authorities and researchers are sounding the alarm over the active mass exploitation of a high-severity vulnerability in Microsoft SharePoint Server that’s allowing attackers to make off with ...
Hackers are actively exploiting a new zero-day bug in Microsoft's SharePoint Server software. The same software is used by key U.S. government agencies, including those tied to national security. The ...
Microsoft has alerted businesses and governments to "active attacks" on its popular SharePoint collaboration software. Patches have been issued for two versions of SharePoint software, while one ...