Critical SharePoint Zero-Day Exploited in 75+ Organizations

July 20, 2025 at 09:52 AM

•

1 min read

Critical SharePoint Zero-Day Exploited in 75+ Organizations — Photo: The Hacker News

TL;DR Summary

A critical zero-day vulnerability in Microsoft SharePoint Server, CVE-2025-53770, is actively being exploited in large-scale attacks, breaching over 75 organizations worldwide. Microsoft is working on a fix, but until then, recommended mitigations include enabling AMSI integration and deploying Defender AV. The attack chain involves delivering ASPX payloads via PowerShell to steal server keys, enabling remote code execution and persistent access.

Topics:technology #cve-2025-53770 #cybersecurity #exploitation #security #sharepoint #zero-day

Share this article

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Global Organizations The Hacker NewsView Full Coverage on Google News

Reading Insights

Total Reads

Unique Readers

Time Saved

2 min

vs 3 min read

Condensed

88%

520 → 60 words

Want the full story? Read the original article

Read on The Hacker News

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights