Microsoft Warns of Active Exploitation of Critical SharePoint Zero-Day Vulnerability
CISA warns of active exploitation of a new SharePoint remote code execution vulnerability (CVE-2025-53770), which allows unauthorized access and full control over SharePoint content. Organizations are advised to implement recommended security measures such as enabling AMSI, deploying Microsoft Defender, monitoring for suspicious activity, and applying official patches to mitigate risks. The vulnerability has been added to CISA’s KEV catalog, and incident reporting is encouraged.