Techly NewsGet the app

Get the latest tech news

Microsoft fixes SharePoint zero-day exploits used in cyberattacks and ransomware - how to patch them


Microsoft has pointed the finger at three Chinese nation-state actors for exploiting the SharePoint vulnerabilities. Here's what we know about the security flaws and how to guard against future attacks.

Kiryl Pro motion / Getty ImagesMicrosoft has patched three critical zero-day SharePoint security flaws that hackers have already exploited to attack more vulnerable organizations. "CVE‑2025‑53770 gives a threat actor the ability to remotely execute code, bypassing identity protections (like single sign‑on and multi‑factor authentication), giving access to content on the SharePoint server including configurations and system files, opening up lateral access across the Windows domain," Trey Ford, chief information security officer at crowdsourced cybersecurity provider Bugcrowd, told ZDNET. "On the evening of July 18, 2025, Eye Security was the first in identifying large‑scale exploitation of a new SharePoint remote code execution (RCE) vulnerability chain in the wild," the firm said.

Get the Android app

Or read this on ZDNet

Read more on:

Photo of Microsoft

Microsoft

Photo of Ransomware

Ransomware

Photo of cyberattacks

cyberattacks

Related news:

News photo

Coyote malware abuses Microsoft's UI Automation to hunt banking creds

News photo

Microsoft Says Some SharePoint Server Hackers Now Using Ransomware

News photo

Founders Fund, Microsoft-Backed Armada Raises $131 Million For AI Data Centers

« The ICJ Rules That Failing to Combat Climate Change Could Violate International Law
AI is an over-confident pal that doesn't learn from mistakes »