A critical vulnerability in Microsoft SharePoint Server (CVE-2025-53770, CVSS 9.8) is being actively exploited in a large-scale campaign, breaching over 75 organizations, including banks, hospitals, and government systems. The flaw, a deserialization of untrusted data bug, allows unauthenticated attackers to execute remote code. Microsoft has acknowledged the attacks and is preparing a comprehensive fix, urging users to apply mitigations like enabling AMSI integration and deploying Defender AV. Patch immediately and monitor for suspicious activity to protect on-premises SharePoint servers.