The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The researcher said he picked the name because it exploited ToolPane.aspx, a component for assembling the side panel view in the SharePoint user interface.

Microsoft has just disclosed a serious vulnerability in SharePoint (CVE-2025-53770) that allows unauthenticated attackers to remotely execute code

A critical zero-day vulnerability, CVE-2025-53770, is actively exploited in Microsoft SharePoint, impacting 75 company servers, including major corporations and US government agencies. This flaw allows unauthenticated remote code execution.

The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 10. It gives unauthenticated remote access to SharePoint Servers exposed to the Internet. Starting Friday,

On July 20, 2025, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) issued urgent warnings about new, actively

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in an alert, said it's aware of active exploitation of CVE-2025-53770, which enables unauthenticated access to SharePoint systems and arbitrary code execution over the network.

Microsoft has pointed the finger at three Chinese nation-state actors for exploiting the SharePoint vulnerabilities. Here's what we know about the security flaws and how to guard against future attacks.

The 130 CVEs (Common Vulnerabilities and Exposures) disclosed in Microsoft’s monthly release of security fixes includes a remote code execution flaw that ‘definitely’ should be prioritized for patching,

Microsoft warned of active zero-day attacks on SharePoint servers used by government and businesses, with FBI investigating.