Hundreds of organizations breached by SharePoint mass-hacks

Protective researchers say that hackers have violated at least five companies by using zero-day weaknesses in Microsoft Shares, which has increased the number of negotiations detected since last week.

Eye protection, a Dutch cybercrossity firm that First marked the weakness On the sharepoint, a popular server software that companies use to store and share internal documents, saying that it has identified hundreds of affected sharepoint servers by scanning the Internet. The number has grown from dozens of known compromised servers At the beginning of this weekThe

Blomberg Report One of the affected companies includes the National Nuclear Protection Administration (NNSA), the Federal Agency responsible for maintaining and developing US reserves of nuclear weapons. A spokesman for the Energy Department that has the NNSA did not respond to TechCrunch’s request for commenting.

Several Other government departments and agencies The sharepoint bug was also compromised in the early waves of absorbing attacks, researchers confirmed. Data suggests that hackers used weakness in early July 7.

Bug, officially known CV-2025-53770Self-hosted versions of the sharepoint affect the companies that set up and manage them on their own servers. Once it is absorbed, the bug allows the attacker to operate the affected server remotely operate the contaminated code, allowing access to the files stored inside, as well as on other systems on the agency’s broad network.

Weakness is known as a Zero-day Because Microsoft had no time to leave the patchs before absorbing. Microsoft has since published patches for all affected sharepoint versions.

Google and Microsoft say that they have evidence to Several China-backed hacking groups are using the bugHowever, more hacker groups have warned agencies to expect an incentive to compromise companies if they want to take advantage of weakness. The Chinese government has denied the allegations.