Dark Reading

Researchers Release Details of New RCE Exploit Chain for SharePoint

Researchers who discovered two critical vulnerabilities in Microsoft SharePoint Server have released details of an exploit they developed that chains the two vulnerabilities together to enable remote ...
Bleeping Computer

CISA tags Microsoft SharePoint RCE bug as actively exploited

CISA warns that attackers are now exploiting a Microsoft SharePoint code injection vulnerability that can be chained with a critical privilege escalation flaw for pre-auth remote code execution ...
Bleeping Computer

CISA: Critical Microsoft SharePoint bug now actively exploited

CISA warns that attackers are now exploiting a critical Microsoft SharePoint privilege escalation vulnerability that can be chained with another critical bug for remote code execution. Tracked as ...
abc7NY

Microsoft SharePoint under 'active exploitation,' Homeland Security's CISA says

The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has posted an alert saying it is aware of "active exploitation" of a new vulnerability to Microsoft ...
WPBF

What to know about a vulnerability being used by hackers on Microsoft SharePoint servers

Microsoft has issued an emergency fix to close off a vulnerability in Microsoft’s widely used SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least ...
GeekWire

Microsoft contains SharePoint security wildfire, but questions linger about on-premises software

Editor’s note: This is a guest analysis from Christopher Budd, who previously spent a decade at the Microsoft Security Response Center (MSRC). Emergency security teams know summer weekends are made ...