A top security researcher claims the massive SharePoint zero-day attack was fueled by a leak from a Microsoft partner program, giving hackers a critical head start.

Microsoft is investigating whether a leak from its Microsoft Active Protections Program (MAPP) enabled Chinese state‑linked ...

On July 20, 2025, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) issued urgent warnings about new, actively ...

Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code ...

Microsoft has confirmed that vulnerabilities in its on-premises SharePoint Server installations, a network spoofing vulnerability (CVE-202549706), ...

Microsoft confirms Chinese hackers exploited a SharePoint flaw; Patches now available. Cloud-based Microsoft 365 not affected ...

Microsoft contained a major SharePoint security flaw, amid fresh questions about the future of its legacy on-premises ...

South Africa’s national treasury is investigating a link to the global attacks on Microsoft’s SharePoint software.

Several entities in South Africa have been compromised by hackers who exploited a security vulnerability in Microsoft’s ...

The company says several Chinese state-aligned groups have exploited the zero-day vulnerability disclosed on Saturday.

Microsoft has issued a stark warning about a recent cyberattack targeting critical infrastructure, including the U.S. National Nuclear Security Administration (NNSA), exposing vulnerabilities in its ...

The zero-day vulnerability — which was first disclosed late Saturday — has been exploited by several Chinese state-aligned ...