Categories: USA

CISA Warns of New Exploit Targeting Microsoft SharePoint

Hackers Exploit Microsoft SharePoint Servers; CISA Issues Urgent Warning

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert warning organizations of an active exploitation campaign targeting on-premises Microsoft SharePoint servers. According to CISA’s July 20 report, the attack—known publicly as “ToolShell”—takes advantage of server vulnerabilities to grant attackers full access to internal systems.

“This exploitation activity… provides unauthenticated access to systems and enables malicious actors to fully access SharePoint content,” CISA said in its July 20 report. The agency is currently assessing the full impact of the breach.

Microsoft acknowledged the threat on July 19, confirming that only on-premises servers are affected—SharePoint Online on Microsoft 365 is not at risk. Updates have been released for SharePoint Subscription Edition and SharePoint 2019, while patches for SharePoint 2016 are pending.

Both CISA and Microsoft urge system administrators to install the latest security updates, enable Antimalware Scan Interface (AMSI), and deploy Microsoft Defender for Endpoint. In cases where AMSI cannot be activated, CISA recommends temporarily disconnecting affected systems from the internet.

The exploit, listed under CVE-2025-49706, has been added to CISA’s Known Exploited Vulnerabilities catalog. Organizations are encouraged to review their logging practices, reduce administrative privileges, and follow Microsoft’s advanced mitigation strategies.

With over 200,000 organizations relying on SharePoint globally, the attack underscores growing cybersecurity challenges. CISA further warned of increasing threats to cloud infrastructure, calling for enhanced public-private cooperation to defend digital assets.

Recent Posts

Storm Await Diggins’ Return as Road Trip Begins

The Seattle Storm are bracing for the possible return of Skylar Diggins as they begin a three-game road trip Thursday…

1 day ago

USOPC Aligns With Executive Order on Women’s Sports

The U.S. Olympic and Paralympic Committee (USOPC) announced a policy update on July 21, confirming that women’s teams at the…

1 day ago

Kraft Heinz Mulls $20B Split to Revive Growth

Kraft Heinz is considering a sweeping corporate restructuring that could unwind its landmark 2015 merger, as the packaged food giant…

2 days ago

Illinois State Fair Offers Extended Hours, Deals for 2025

SPRINGFIELD, IL — The 2025 Illinois State Fair is making it easier and more affordable for families to enjoy this…

2 days ago

Lynx Surge Past Sky 91–68 Behind Collier’s Dominance

Lynx Overwhelm Sky 91–68 as Collier, McBride Lead the Charge The Minnesota Lynx used a dominant second and third quarter…

2 days ago

Microsoft Bars China-Based Engineers from U.S. Military Aid

Microsoft Ends China-Based Engineering Support for U.S. Military Projects Microsoft has announced that engineers based in China will no longer…

2 days ago