// Alert

Microsoft Azure threat report

CISA confirmed on July 2, 2026, that attackers are actively exploiting CVE-2026-45659, a high-severity remote code execution vulnerability in Microsoft SharePoint. The deserialization flaw requires only basic authenticated access (Site Member permissions) and was patched in May 2026. Over 10,000 SharePoint servers remain exposed online, with no visibility into remediation coverage.

// Get alerts for Microsoft Azure