This is a developing story, new update here: Microsoft pins on-prem SharePoint attacks on Chinese threat actors Attackers are exploiting a zero-day variant (CVE-2025-53770) of a SharePoint remote code execution vulnerability (CVE-2025-49706) that Microsoft patched earlier this month, the company has confirmed on Saturday. CVE-2025-53770 is being leveraged to place a backdoor on vulnerable on-premises SharePoint Servers and to grab the systems’ security keys, allowing the attackers full takeover of the machines. There is currently … Continue reading Microsoft SharePoint servers under attack via zero-day vulnerability (CVE-2025-53770)