Close Menu

    Stay Ahead with Exclusive Updates!

    Enter your email below and be the first to know what’s happening in the ever-evolving world of technology!

    What's Hot

    The API That Powered GIFs Across Every App You Use Just Disappeared. Here Is the Scramble It Left Behind and What Fills the Gap

    July 16, 2026

    Japan Is Running Out of Workers and Has Decided Robots Are the Only Realistic Answer. The Plan to Deploy 10 Million of Them by 2040 Is the Most Ambitious Industrial Policy Any Country Has Announced This Decade

    July 16, 2026

    Google Just Launched Gemini Omni Flash and It Can Create and Edit Video in Real Time. Here Is What That Changes About AI Video Tools

    July 16, 2026
    Facebook X (Twitter) Instagram
    Facebook X (Twitter)
    PhronewsPhronews
    • Home
    • Big Tech & Startups

      The API That Powered GIFs Across Every App You Use Just Disappeared. Here Is the Scramble It Left Behind and What Fills the Gap

      July 16, 2026

      China Just Ordered ByteDance and Alibaba to Shut Down Personalized AI Companion Features by July 15. The Regulation Behind the Ban Is the Most Restrictive AI Law Any Government Has Passed This Year.

      July 15, 2026

      Gemini 3.5 Pro Missed Its June Deadline and Is Now Pointing to July. For Google’s Most Anticipated Model of the Year, Every Week of Delay Has a Cost.

      July 15, 2026

      Meta Is Planning to Sell Its Excess AI Compute to Outside Customers. The Company That Was Rationed Gemini Access by Google Just Positioned Itself to Become a Cloud Provider.

      July 15, 2026

      Tesla Just Launched Its Robotaxi in Miami with No Safety Monitor Inside the Car

      July 14, 2026
    • Crypto

      Market Collapse: What Happened to NFTs?

      April 23, 2026

      Quantum Computing Advances Force Coinbase and Institutional Custodians to Rethink Crypto Security

      March 8, 2026

      AI Assisted Hacking Groups Target Crypto Firms With Multi-Layered Social Engineering

      February 18, 2026

      Global Crypto Regulations Expand as 2026 Begins With New Data Collection Frameworks and National Laws

      January 16, 2026

      Coinbase Bets on Stablecoin and On-Chain Growth as Key Market Drivers in 2026 Strategy

      January 10, 2026
    • Gadgets & Smart Tech
      Featured

      Tesla Just Launched Its Robotaxi in Miami with No Safety Monitor Inside the Car

      By preciousJuly 14, 2026
      Recent

      Tesla Just Launched Its Robotaxi in Miami with No Safety Monitor Inside the Car

      July 14, 2026

      Google’s New Smart Speaker Has Gemini Built In and Works With Everything. Here Is Whether It Is Finally Worth Switching From Amazon Echo or Apple HomePod

      July 4, 2026

      Tesla Is Teaching Its Self-Driving AI With Millions of Fake Crashes. Here Is Why That Might Make Real Roads Safer

      June 30, 2026
    • Cybersecurity & Online Safety

      Hackers Stole 630GB of Apple and Tesla Manufacturing Secrets from Tata Electronics. The Breach Confirms Everything Supply Chain Security Experts Have Warned About for Years.

      July 9, 2026

      Apple Just Pushed an Unscheduled Security Update Because AI-Powered Attacks Are Moving Faster Than Its Normal Patch Cycle Can Handle

      July 6, 2026

      Buying World Cup Tickets Online? Scammers Are Already Waiting. Here Is How to Protect Yourself for the Rest of the Tournament.

      July 4, 2026

      Researchers Found an Attack Spreading Through GitHub Like a Parasite. They Named It Cordyceps and It Is Already in 300+ Repositories

      July 4, 2026

      AI Is Now Writing Phishing Emails Good Enough to Fool Your Best Employees. Here Is How to Spot Them

      July 4, 2026
    PhronewsPhronews
    Home»Cybersecurity & Online Safety»Zero-Day Alert: CISA Warns of Active Attacks on Microsoft SharePoint
    Cybersecurity & Online Safety

    Zero-Day Alert: CISA Warns of Active Attacks on Microsoft SharePoint

    preciousBy preciousMarch 31, 2026No Comments
    Facebook Twitter Pinterest LinkedIn WhatsApp Reddit Tumblr Email
    Share
    Facebook Twitter LinkedIn Pinterest Email
    Photo Credit: Timon Schneider/SOPA Images/LightRocket via Getty Images

    A critical vulnerability in Microsoft SharePoint Server is being actively exploited, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging organizations to patch their systems immediately. 

    The flaw, tracked as CVE-2026-20963, was recently added to CISA’s Know Exploited Vulnerabilities catalog. It is a critical remote code execution (RCE) vulnerability tied to deserialization of untrusted data in on-premises SharePoint server. 

    What The Vulnerability Does 

    Successful exploitation of CVE-2026-20963 will allow threat actors without any privileges to achieve remote code execution on unpatched servers through a deserialization of untrusted data weakness. 

    In a network-based attack, an unauthenticated attacker can write and execute arbitrary code directly on the SharePoint Server. This means an attacker does not need a username, password, or any prior access to the system to cause serious damage.

    The flaw also works because SharePoint does not properly validate certain incoming data, which allows a remote attacker to inject and run arbitrary code on the server. Once that happens, an attacker can deploy malware, steal sensitive documents, establish persistent access, or even move deeper into the network through connected systems.

    The vulnerability is said to affect SharePoint Enterprises Server 2016, SharePoint Server 2019, and SharePoint Server Subscription Edition. 

    SharePoint Server 2007, 2010, and 2013 are also vulnerable but have reached end-of-support and no longer receive security updates, meaning organizations still running those versions need to upgrade to a supported release to block attacks. 

    Why This Matters

    This is a serious event because Microsoft SharePoint often sits at the center of corporate document sharing, internal workflows, and sensitive files. If attackers were to gain access, they can move from a single server to a wider part of the organization’s data and identity systems, which is why organizations are being told to treat the issue as urgent. 

    CISA’s alert recommends that organizations assess whether their internet-facing SharePoint server may be compromised and isolate the system until patching and threat hunting are complete.

    This alert shows how quickly a server-side flaw can become a broad security incident when attackers find a way around an earlier fix. 

    AI Is Changing Both Sides of the Cybersecurity Fight

    Artificial intelligence (AI) is now a factor in how these vulnerabilities get found, exploited, and defended against, and its influence is growing on both sides of the equation.

    IBM’s 2026 X-Force Threat Intelligence Index found a 44% increase in attacks that began with the exploitation of public-facing applications, driven in part by AI-enabled vulnerability discovery. The report also noted that attackers are using AI to speed up reconnaissance, analyze large datasets, and iterate on attack paths in real time.

    Google’s Threat Intelligence, through its Look What You Made Us Patch: 2025 Zero-Days in Review, has stated that it expects AI to fasten the process of reconnaissance, vulnerability discovery, and exploit development through 2026. This 2025 review tracked 90 zero-day vulnerabilities exploited in the wild, with 43 of those affecting enterprise products. The Microoft SharePoint flaw falls squarely into that enterprise category.

    On the defensive side, AI is also beginning to close some of the gap, although adoption remains slow. Many reports indicate that organizations that have adopted AI-assisted vulnerability management have reduced their remediation time to cyberattacks, otherwise or often measured as Mean Time to Remediate (MTTR).

    However, for most organizations today, AI remains an outside tool to existing processes rather than a default for vulnerability patching, as teams evaluate it cautiously especially given the risks associated with automated remediation.

    The net effect of this is a gap that continues to widen between well-resourced teams that are adopting AI-assisted defenses and organizations that are still running manual patch cycles against attackers who are not.

    AI-enabled vulnerability discovery Artificial Intelligence CISA Critical Infrastructure Protection CVE-2026-20963 flaw Microsoft Microsoft SharePoint Unauthenticated network-based attack Zero-Day Vulnerabilities
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Telegram Email
    precious
    • LinkedIn

    I’m Precious Amusat, Phronews’ Content Writer. I conduct in-depth research and write on the latest developments in the tech industry, including trends in big tech, startups, cybersecurity, artificial intelligence and their global impacts. When I’m off the clock, you’ll find me cheering on women’s footy, curled up with a romance novel, or binge-watching crime thrillers.

    Related Posts

    The API That Powered GIFs Across Every App You Use Just Disappeared. Here Is the Scramble It Left Behind and What Fills the Gap

    July 16, 2026

    Japan Is Running Out of Workers and Has Decided Robots Are the Only Realistic Answer. The Plan to Deploy 10 Million of Them by 2040 Is the Most Ambitious Industrial Policy Any Country Has Announced This Decade

    July 16, 2026

    Google Just Launched Gemini Omni Flash and It Can Create and Edit Video in Real Time. Here Is What That Changes About AI Video Tools

    July 16, 2026

    Comments are closed.

    Top Posts

    Coinbase responds to hack: customer impact and official statement

    May 22, 2025

    Anthropic Will Use Claude User Chats For Data Training

    October 16, 2025

    Cursor AI Hits 1 Million Daily Users. Why Developers Are Switching to This Coding Tool

    March 23, 2026

    MIT Study Reveals ChatGPT Impairs Brain Activity & Thinking

    June 29, 2025
    Don't Miss
    Big Tech & Startups

    The API That Powered GIFs Across Every App You Use Just Disappeared. Here Is the Scramble It Left Behind and What Fills the Gap

    By fariehanJuly 16, 2026

    Tenor’s API shutdown marks the end of an internet service millions relied on without realizing…

    Japan Is Running Out of Workers and Has Decided Robots Are the Only Realistic Answer. The Plan to Deploy 10 Million of Them by 2040 Is the Most Ambitious Industrial Policy Any Country Has Announced This Decade

    July 16, 2026

    Google Just Launched Gemini Omni Flash and It Can Create and Edit Video in Real Time. Here Is What That Changes About AI Video Tools

    July 16, 2026

    China Just Ordered ByteDance and Alibaba to Shut Down Personalized AI Companion Features by July 15. The Regulation Behind the Ban Is the Most Restrictive AI Law Any Government Has Passed This Year.

    July 15, 2026
    Stay In Touch
    • Facebook
    • Twitter
    About Us
    About Us

    Evolving from Phronesis News, Phronews brings deep insight and smart analysis to the world of technology. Stay informed, stay ahead, and navigate tech with wisdom.
    We're accepting new partnerships right now.

    Email Us: info@phronews.com

    Facebook X (Twitter) Pinterest YouTube
    Our Picks
    Most Popular

    Coinbase responds to hack: customer impact and official statement

    May 22, 2025

    Anthropic Will Use Claude User Chats For Data Training

    October 16, 2025

    Cursor AI Hits 1 Million Daily Users. Why Developers Are Switching to This Coding Tool

    March 23, 2026
    © 2025. Phronews.
    • Home
    • About Us
    • Get In Touch
    • Privacy Policy
    • Terms and Conditions

    Type above and press Enter to search. Press Esc to cancel.