The risk for businesses who haven’t patched the ToolShell vulnerability keeps growing after new reports suggest ransomware actors are also joining the exploitation party. Researchers from Palo Alto ...

The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The ...

Microsoft identified at least three threat groups believed to be affiliated with China that have been exploiting publicly ...

Ransomware gangs have escalated a cyberattack campaign targeting Microsoft SharePoint servers, joining forces with suspected ...

Ransomware gangs have recently joined ongoing attacks targeting a Microsoft SharePoint vulnerability chain, part of a broader ...

In this week's update, four ISMG editors discussed the latest on the ToolShell exploit and the rise of Warlock ransomware, ...

Microsoft investigates whether the ToolShell exploit was leaked via MAPP, port cybersecurity, physical backdoor used for ATM ...

ESET Research has been monitoring intense attacks involving the recently discovered ToolShell zero-day vulnerabilities.

More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the ...

Did China sneak a peak into ToolShell? ToolShell hacking in South Africa. Cisco flaws. Arizona woman sentenced for aiding ...

Major cyberattacks in 2025 so far have included the Microsoft SharePoint Server “ToolShell” attacks, the ransomware attack ...

Dubbed ToolShell, the related vulnerabilities, CVE-2025-53770 and CVE-2025-53771, allow for remote code execution (RCE) and server spoofing in SharePoint.