Hackers exploit SharePoint flaw to run code on unpatched servers

Hackers exploit CVE-2026-20963 in SharePoint Server 2016, 2019, and Subscription Edition for remote code execution. Microsoft patched January 13, 2026; attacks confirmed March 19. Unpatched, network-exposed servers risk ongoing access and malware spread. Organisations must prioritise patching over delay testing.