Microsoft confirmed on July 19, 2025, that cybercriminals and nation-state actors are actively exploiting a critical set of zero-day vulnerabilities dubbed "ToolShell" affecting on-premises SharePoint servers worldwide.
The attack campaign, which began on July 17, has prompted emergency security updates and represents one of...