Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code execution on SharePoint, resulting in the exploitation of at least 54 organizations worldwide.

Microsoft contained a major SharePoint security flaw, amid fresh questions about the future of its legacy on-premises software.

A cyber-espionage campaign centered on vulnerable versions of Microsoft's server software now involves the deployment of ransomware, Microsoft said in a late Wednesday blog post.

Multiple hacking groups—including state actors from China—have targeted a vulnerability in older, on-premises versions of the file-sharing tool after a flawed attempt to patch it.

Let the games begin Ransomware has officially entered the Microsoft SharePoint exploitation ring.… Late Wednesday, in an update to its earlier warning, Redmond confirmed that a threat group it tracks as Storm-2603 is abusing vulnerable on-premises SharePoint servers to deploy ransomware.

It's not just data theft. A China-based hacking group is using a flaw in vulnerable SharePoint servers to deliver ransomware, Microsoft warns.

Microsoft is issuing an emergency fix to close off a vulnerability in Microsoft’s SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies.

Federal cybersecurity officials have issued a warning to Microsoft users about a security flaw allowing hackers to access to certain SharePoint systems.

A series of cyberattacks targeting Microsoft collaboration software, specifically SharePoint, have been linked to Chinese hackers and threat actors.