Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
The US Federal Government and Cyber Security Researchers say that the newly discovered security bug found in Microsoft’s sharepoint is on the attack.
US CyberSSCURITY Agency CISA This weekend sounds alarm The hackers that actively used the bug. Microsoft has not yet provided patches for all affected sharepoint versions, unable to defend against the ongoing infiltration around the world.
Microsoft said the bug, officially known CV-2025-53770SharePoint versions affect that companies set up and manage them on their own servers. SharePoint companies allow their internal files to store, share and manage them.
Microsoft says it is working on security corrections to prevent hackers from exploiting the weaknesses. Error, as described ”Zero-day“Because the seller has not given any time to patch before making the bug aware of it, the version of the software affects as old as the SharePoint server 2016.
It is not yet known how many servers have been compromised so far, but it is probably thousands of small to medium -sized businesses that depend on the software. Accordingly Washington PostSeveral US federal agencies, universities and energy agencies have already been violated in the attack.
Eye protection, which The first bug released Saturday, it was reported that Microsoft SharePoint servers were actively absorbed “dozens” when it was released. The bug, when absorbed, allowed the sharepoint servers to steal private digital keys without the need for a certificate to log in to the hackers, which was connected to other applications, such as Outlook, team and ODRIVE, which could enable other applications, which could enable further network stolen.
Eye protection states that the bug is involved in theft of digital keys in the bug that can be used in disguise of legitimate requests on the server, both affected customers will need to patch the bug and take additional steps to rotate their digital keys to prevent hackers’ server repression.
CISA and others have requested customers to “take instant proposed steps”. Customers should consider disconnecting potentially affected systems from the Internet in the absence of patches or mimicization.
“If you have a sharepoint [on-premise] In contact with the Internet, you should assume that you have compromised at the moment, “TechCrunch was called Michael Sicorsky, the head of the intelligence department unit 42 of Palo Alto Networks through an email.
It is not yet known who is attacking the stockpoint servers, but in recent years it is the latest in a string of cyberpets aimed at Microsoft customers.
In 2021, the China-supported Hacking Group Dubbed Hafnium was caught in a vulnerability of self-hosted Microsoft Exchange email servers, allowed, allowed Mass-hacking and explination of email and communication data from business All over the world. Hackers compromised with more than 60,7 servers, a Allegations of recent judiciary The operation accuses two Chinese citizens for allegedly doing masterminding.
Two years later, Microsoft confirmed a cybertack on its cloud systems, which operates directly, allow Chinese hackers to allow Stealing a sensitive email signature key It has allowed access to both consumer and enterprise hosted by the agency.
Microsoft also said Repetition From hackers associated with the Russian government.
Do you know more about SharePoint CyberTacks? Are you infected customer? Contact this reporter safely through the encrypted message on the Zacheitker.1337 in the signal.
The previous version of this story describes the wrong CVE number; The correct weakness, CVE -2025-53770 to note the story is modifiedThe