SharePoint Zero-Day Exploited Before Patch Release: A Leak?
2025-07-27
A critical SharePoint vulnerability disclosed at the May Pwn2Own competition was massively exploited a day before Microsoft released a patch in July. Security researchers suspect a leak allowed attackers to bypass the fix. The incident involved Chinese state-sponsored actors, ransomware operators, and compromised over 400 organizations. While Microsoft issued updated patches, the event highlights risks in vulnerability disclosure and patching processes, underscoring the importance of cybersecurity.