Major Security Breach: Hackers Exploit Microsoft SharePoint Vulnerability
Recent reports from security researchers have highlighted a concerning trend in the cybersecurity landscape. It has been revealed that hackers have successfully breached over 400 organizations by exploiting a zero-day vulnerability in Microsoft SharePoint. This discovery marks a significant increase in the number of detected compromises since the bug was initially uncovered just last week.
Eye Security, a reputable Dutch cybersecurity firm, was the first to identify the vulnerability in SharePoint. This server software is widely used by companies to store and share internal documents. Through extensive internet scanning, Eye Security has identified hundreds of affected SharePoint servers. The number of compromised servers has escalated from a few dozen to hundreds within a short period.
According to a report by Bloomberg, one of the impacted organizations includes the National Nuclear Security Administration (NNSA), a crucial federal agency responsible for managing the U.S. stockpile of nuclear weapons. Despite this alarming development, the Department of Energy, which oversees the NNSA, has not provided any official comments on the matter.
Further investigations have revealed that several government departments and agencies fell victim to the early wave of attacks exploiting the SharePoint bug. Evidence suggests that hackers began exploiting the vulnerability as early as July 7th.
The zero-day vulnerability, officially designated as CVE-2025-53770, primarily affects self-hosted versions of SharePoint that companies operate on their servers. Once exploited, the bug enables attackers to execute malicious code remotely on the affected server. This unauthorized access can compromise the files stored within SharePoint, as well as other systems within the company’s network.
Due to the urgent nature of the situation, Microsoft has swiftly released patches for all affected versions of SharePoint to address the vulnerability. However, Google and Microsoft have observed evidence indicating that multiple China-backed hacking groups are actively exploiting the bug. They have advised companies to remain vigilant as more hacker groups may attempt to capitalize on this vulnerability. The Chinese government has refuted these allegations.
As the cybersecurity landscape continues to evolve, it is crucial for organizations to prioritize security measures and promptly apply patches to mitigate potential risks associated with zero-day vulnerabilities.
Upcoming Techcrunch Event
Don’t miss out on the upcoming Techcrunch event in San Francisco from October 27th to 29th, 2025. Stay informed about the latest developments in technology and cybersecurity.