As Microsoft continues to update its customer guidance for protecting on-prem SharePoint servers against the latest in-the-wild attacks, more security firms have begun sharing details about the ones they have detected. Most intriguingly, Check Point Research says that they observed the first exploitation attempts on July 7th, with the target being a major Western government. That date not only precedes the publication of the screenshot of the ToolShell exploit chain (CVE-2025-49706 + CVE-2025-49704) in action … More
The post Microsoft pins on-prem SharePoint attacks on Chinese threat actors appeared first on Help Net Security.
