Hackers Exploit Microsoft SharePoint Servers; CISA Issues Urgent Warning
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert warning organizations of an active exploitation campaign targeting on-premises Microsoft SharePoint servers. According to CISA’s July 20 report, the attack—known publicly as “ToolShell”—takes advantage of server vulnerabilities to grant attackers full access to internal systems.
“This exploitation activity… provides unauthenticated access to systems and enables malicious actors to fully access SharePoint content,” CISA said in its July 20 report. The agency is currently assessing the full impact of the breach.
Microsoft acknowledged the threat on July 19, confirming that only on-premises servers are affected—SharePoint Online on Microsoft 365 is not at risk. Updates have been released for SharePoint Subscription Edition and SharePoint 2019, while patches for SharePoint 2016 are pending.
Both CISA and Microsoft urge system administrators to install the latest security updates, enable Antimalware Scan Interface (AMSI), and deploy Microsoft Defender for Endpoint. In cases where AMSI cannot be activated, CISA recommends temporarily disconnecting affected systems from the internet.
The exploit, listed under CVE-2025-49706, has been added to CISA’s Known Exploited Vulnerabilities catalog. Organizations are encouraged to review their logging practices, reduce administrative privileges, and follow Microsoft’s advanced mitigation strategies.
With over 200,000 organizations relying on SharePoint globally, the attack underscores growing cybersecurity challenges. CISA further warned of increasing threats to cloud infrastructure, calling for enhanced public-private cooperation to defend digital assets.
The Philadelphia 76ers continued reshaping their roster Thursday, agreeing to a two-year, $12.3 million contract with free agent guard Anfernee…
Chicago’s minimum wage increased to $17.05 per hour on July 1, 2026, for employers with four or more workers, as…
Colson Montgomery delivered a key go-ahead double in the eighth inning as the Chicago White Sox opened their seven-game road…
Chicago officials have announced the lineup for the 2026 Chicago Gospel Music Festival, which will return to Millennium Park as…
The Chicago White Sox will look to complete a three-game sweep of the Cleveland Guardians on Wednesday afternoon after securing…
As the 2026 NBA Draft approaches, North Carolina forward Caleb Wilson is drawing increasing attention as one of the premier…
This website uses cookies.