GitHub

SharePoint Online Connection Script

This document explains the execution flow, operational logic, inputs, outputs, and troubleshooting guidance for o365-connect-spo.ps1. The script automates connecting to Microsoft 365 (Graph) and ...
Hosted on MSN

Building the modern digital workplace with SharePoint and Microsoft 365

The modern workplace has evolved into a complex ecosystem of invaluable apps, essential productivity tools and vital collaboration platforms. Bringing these various business tools into an integrated ...
Cloud Security Alliance

SecretPoint: How OneDrive Auto-Sync Turns SharePoint into a Hidden Secrets Vault

Written by Itzik Alvas, Entro Security. One in every five exposed enterprise secrets originated from SharePoint. It wasn’t the result of a zero-day or a sophisticated exploit. Instead, the exposure ...
theregister

Ransomware crims that exploited SharePoint 0-days add Velociraptor to their arsenal

The ransomware gang caught exploiting Microsoft SharePoint zero-days over the summer has added a new tool to its arsenal: Velociraptor, an open-source digital forensics and incident response app not ...
The Hacker News

⚡ Weekly Recap — SharePoint Breach, Spyware, IoT Hijacks, DPRK Fraud, Crypto Drains and More

Some risks don't breach the perimeter—they arrive through signed software, clean resumes, or sanctioned vendors still hiding in plain sight. This week, the clearest threats weren't the loudest—they ...
Infosecurity-magazine.com

Ransomware Deployed in Compromised SharePoint Servers

A Chinese-based threat actor has been observed using the flaws in Microsoft SharePoint to deploy ransomware on compromised systems. In an incident update on July 23, Microsoft revealed that a group ...
Ars Technica

What to know about ToolShell, the SharePoint threat under mass exploitation

Government agencies and private industry have been under siege over the past four days following the discovery that a critical vulnerability in SharePoint, the widely used document-sharing app made by ...
cybernews

Chinese hackers behind SharePoint server attacks, Microsoft says

Microsoft’s cybersecurity analysts have confirmed that Chinese state-sponsored actors are behind a series of recent attacks on SharePoint servers. Three distinct espionage groups have been observed ...
The Hacker News

CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added two Microsoft SharePoint flaws, CVE-2025-49704 and CVE-2025-49706, to its Known Exploited Vulnerabilities (KEV ...
Forbes

Microsoft Confirms Global SharePoint Attack — Emergency Update Issued

Update, July 21, 2025: This story, originally published on July 20, has been updated to include additional expert comments regarding the global zero-day attack impacting Microsoft on-premise ...
Digit

Hackers target Microsoft SharePoint again with critical zero-days, over 85 servers hit

Microsoft SharePoint is once again under active attack, with two new zero-day vulnerabilities being exploited in the wild. Tracked as CVE-2025-53770 and CVE-2025-53771, these flaws have been used to ...