Microsoft Patch Tuesday Fixes 112 Flaws, Includes SharePoint and Windows

Microsoft’s January 2026 Patch Tuesday fixes 112 CVEs, including an exploited Windows DWM zero-day, plus critical flaws ...

Top 10 PowerShell Commands to Use in 2026

Here are 10 PowerShell commands to use in 2026. The Get-Help cmdlet displays information about PowerShell concepts and ...
Computerworld

Again? Microsoft hit for poor security in major SharePoint hack

The company has been called out repeatedly for inadequate security practices, and now we have another case in point: a successful SharePoint hack that’s among the worst in Microsoft’s history. Once ...
GeekWire

Microsoft contains SharePoint security wildfire, but questions linger about on-premises software

Editor’s note: This is a guest analysis from Christopher Budd, who previously spent a decade at the Microsoft Security Response Center (MSRC). Emergency security teams know summer weekends are made ...
Dark Reading

Ransomware Actors Pile on 'ToolShell' SharePoint Bugs

China-based threat actor Storm-2603 has been observed attacking on-premises SharePoint customers with Warlock ransomware. That comes from Microsoft, which on June 23 updated a blog post published the ...
Nextgov

Pentagon not impacted by Microsoft Sharepoint hack, tech chief says

The department has been holding daily calls with Microsoft since the zero-day was discovered, the DOD CIO said at an event Thursday. The Department of Defense has not been ensnared by a broad ...
Infosecurity-magazine.com

Ransomware Deployed in Compromised SharePoint Servers

A Chinese-based threat actor has been observed using the flaws in Microsoft SharePoint to deploy ransomware on compromised systems. In an incident update on July 23, Microsoft revealed that a group ...
Reuters

Microsoft knew of SharePoint security flaw but failed to effectively patch it, timeline shows

LONDON, July 22 (Reuters) - A security patch Microsoft (MSFT.O), opens new tab released this month failed to fully fix a critical flaw in the U.S. tech giant's SharePoint server software, opening the ...
Computer Weekly

Microsoft confirms China link to SharePoint hacks

Microsoft has revealed that Chinese state threat actors are actively targeting and exploiting a highly dangerous zero-day vulnerability in SharePoint Server, confirming earlier reports from Google ...
Forbes

Microsoft Confirms Global SharePoint Attack — Emergency Update Issued

Update, July 21, 2025: This story, originally published on July 20, has been updated to include additional expert comments regarding the global zero-day attack impacting Microsoft on-premise ...
USA Today

Microsoft SharePoint attack: Officials issue warning about 'active exploitation'

Federal cybersecurity officials have issued a warning to Microsoft users about a security flaw allowing hackers to access to certain SharePoint systems. The U.S. Cybersecurity and Infrastructure ...