The Hacker News reports:
A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an “active, large-scale” exploitation campaign.
The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described as a variant of CVE-2025-49704 (CVSS score: 8.8), a code injection and remote code execution bug in Microsoft SharePoint Server that was addressed by the tech giant as part of its July 2025 Patch Tuesday updates.
“Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network,” Microsoft said in an advisory released on July 19, 2025.
… In a separate alert issued Saturday, Redmond said it’s aware of active attacks targeting on-premises SharePoint Server customers, but emphasized that SharePoint Online in Microsoft 365 is not impacted.
Read more at The Hacker News.
Update: The Hacker News reports a patch has been released.
