A devastating new SharePoint vulnerability is being actively exploited in large-scale attacks worldwide, enabling attackers to gain complete control of on-premise servers without authentication. Security researchers at Eye Security discovered the ongoing campaign on July 18, 2025, revealing a sophisticated exploit chain dubbed “ToolShell” that leverages previously demonstrated Pwn2Own vulnerabilities to achieve remote code execution. […]

The post SharePoint 0-Day RCE Flaw Actively Exploited for Full Server Takeover appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/sharepoint-0-day-rce-flaw/