Search Results: SharePointSecurity

Hundreds of organizations globally, including the US National Nuclear Security Administration, suffered data breaches this week as hackers exploited a critical vulnerability in older, self-hosted Microsoft SharePoint Server versions. The incident underscores the heightened risks of clinging to on-premises software nearing end-of-life, especially when a flawed patch compounded the original flaw. Microsoft scrambles to secure systems it has long urged customers to migrate to the cloud.

State-sponsored Chinese hackers exploited a critical Microsoft SharePoint vulnerability to breach the U.S. National Nuclear Security Administration, responsible for nuclear weapons stockpiles. Over 400 servers across 148 organizations were compromised in the coordinated ToolShell attacks, highlighting systemic risks in federal IT infrastructure.

The National Nuclear Security Administration, responsible for America's nuclear arsenal, was compromised via a critical Microsoft SharePoint vulnerability chain. While no classified data was accessed, the attack highlights escalating threats to critical infrastructure from state-sponsored groups. Over 400 servers globally have been infected in this coordinated campaign.

Microsoft has released critical patches for two actively exploited SharePoint zero-day vulnerabilities after Chinese nation-state groups breached federal agencies and energy firms, but Server 2016 remains unpatched. The flaws allow attackers to bypass authentication and execute remote code, exposing systemic risks in on-premises environments. This incident highlights the escalating challenges of securing complex enterprise systems against sophisticated cyber espionage.

State-linked Chinese threat actors are actively exploiting critical Microsoft SharePoint zero-day vulnerabilities, breaching dozens of multinational corporations and government entities. The 'ToolShell' exploit chain enables unauthenticated remote code execution, granting attackers full access to servers and sensitive data. With proof-of-concept exploits now public, organizations must urgently patch vulnerable on-premises SharePoint systems.

A critical unpatched vulnerability (CVE-2025-53770) in Microsoft SharePoint Server is being actively exploited, enabling remote code execution on at least 85 servers globally. Attackers leverage a variant of a recently patched flaw to steal cryptographic keys and execute malicious code, targeting multinationals and government entities. Microsoft urges immediate mitigation via AMSI and Defender AV while a patch is developed.