Federal cybersecurity officials have issued a warning to Microsoft users about a security flaw allowing hackers to access to certain SharePoint systems.

This Alert was updated to reflect newly released information from Microsoft, and to correct the actively exploited Common Vulnerabilities and Exposures (CVEs), which have been confirmed as CVE-2025-49706,

A critical security vulnerability in Microsoft SharePoint has been actively exploited by threat actors to infiltrate thousands of organizations worldwide.

Microsoft is issuing an emergency fix to close off a vulnerability in Microsoft’s SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies.

Microsoft has now released a patch, but attackers were not idle over the weekend. Dozens of SharePoint installations fell victim of "ToolShell"

Exploitation of the ToolShell RCE zero-day in Microsoft SharePoint continues to gather pace, with evidence emerging of exploitation by nation state-backed threat actors.

Microsoft Corp. said a Chinese hacking group is exploiting security vulnerabilities in the company’s SharePoint servers to deploy ransomware, following a cyberattack discovered last week that has affected hundreds of entities around the world.