SharePoint – Weekly Geek

What to know about ToolShell, the SharePoint threat under mass exploitation

Microsoft fixed the vulnerability pair—CVE-2025-49706 and CVE-2025-49704—two weeks ago as part of the company’s monthly update release. As the world learned over the weekend, the patches were incomplete, a lapse that opened organizations around the world to the new attacks. Q: What sorts of malicious things are attackers doing with these newer ToolShell exploits? A:… Read More »

SharePoint vulnerability with 9.8 severity rating under exploit across globe

Installing the updates is only the beginning of the recovery process, since the infections allow attackers to make off with authentication credentials that give wide access to a variety of sensitive resources inside a compromised network. More about those additional steps later in this article. On Saturday, researchers from security firm Eye Security reported finding… Read More »