Login
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

Microsoft server hack has now hit 400 victims, researchers say

UNITED STATES, JUL 23 – Chinese state-sponsored hackers exploit unpatched Microsoft SharePoint flaws to deploy ransomware and steal data, rapidly increasing victims to over 400, including key U.S. government agencies.

  • About 400 organisations have fallen victim to a campaign exploiting unpatched Microsoft SharePoint servers, Eye Security said, highlighting widespread vulnerability and ongoing threats.
  • Ronen Ahdut identified two vulnerabilities in Microsoft SharePoint servers, CVE-2025-53770 and CVE-2025-53771, exploited by Chinese threat actors, according to Cynet Security.
  • Eye Security said the figure is likely an undercount, Vaisha Bernard warned `There are many more, because not all attack vectors have left artifacts that we could scan for`,
  • On July 24, 2025, Microsoft confirmed that Storm-2603 is deploying Warlock ransomware via the exploit, urging immediate patch application to protect on-premises SharePoint environments.
  • With a public exploit now available, automated attacks against unpatched systems are set to grow, increasing risk of widespread disruption, as CISA explained that `ToolShell provides unauthenticated access to systems` and `enables malicious actors to fully access SharePoint content… and execute code over the network`.
Insights by Ground AI
Does this summary seem wrong?
Podcasts & Opinions

53 Articles

Sud OuestSud Ouest
Center

Chinese Hackers Exploit a Security Flaw of a Widely Used Microsoft Software

Microsoft alerts about a security flaw in its SharePoint software, exploited by Chinese hackers to access sensitive data Several groups of Chinese hackers have exploited a

·France
Read Full Article
Live MintLive Mint
Center

Risk highlighted as Chinese hackers hit Microsoft

Risk highlighted as Chinese hackers hit Microsoft

·New Delhi, India
Read Full Article
The RegisterThe Register
Center

Microsoft: SharePoint attacks now include ransomware

: Let the games begin

Read Full Article
CyberScoopCyberScoop
Center

Microsoft SharePoint attacks ensnare 400 victims, including federal agencies

The fallout from an attack spree targeting defects in on-premises Microsoft SharePoint servers continues to spread nearly a week after zero-day exploits were discovered, setting off alarms across the globe. More than 400 organizations have been actively compromised across four waves of attacks, according to Eye Security. Multiple government agencies, including the Departments of Energy, Homeland Security and Health and Human Services, have been …

Read Full Article
PC MagPC Mag
Lean Left

Microsoft SharePoint Flaw Is Being Abused to Spread Ransomware

It's not just data theft. A China-based hacking group is using a flaw in vulnerable SharePoint servers to deliver ransomware, Microsoft warns.

·United States
Read Full Article
QuartzQuartz
Center

Microsoft says the SharePoint hackers have escalated their attack with ransomware

Hackers have escalated their attack on SharePoint software with the use of ransomware, Microsoft said

·United States
Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 57% of the sources are Center
57% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

Bloomberg broke the news in United States on Wednesday, July 23, 2025.
Sources are mostly out of (0)

Similar News Topics

Microsoft icon

Microsoft

Hacking icon

Hacking

Business icon

Business

Technology icon

Technology

Cybercrimes icon

Cybercrimes

Cyber Security icon

Cyber Security

United States icon

United States

News
For You
SearchBlindspotLocal