See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Microsoft server hack has now hit 400 victims, researchers say

UNITED STATES, JUL 23 – Chinese state-sponsored hackers exploit unpatched Microsoft SharePoint flaws to deploy ransomware and steal data, rapidly increasing victims to over 400, including key U.S. government agencies.

  • About 400 organizations have fallen victim to a campaign exploiting SharePoint vulnerabilities, Eye Security said, highlighting the campaign's global impact and urgency.
  • Ronen Ahdut identified two vulnerabilities, CVE-2025-53770 and CVE-2025-53771, in Microsoft SharePoint servers, enabling remote code execution and web shell placement, respectively.
  • Eye Security said the figure is likely an undercount, Vaisha Bernard warned `There are many more, because not all attack vectors have left artifacts that we could scan for`.
  • On July 19, Microsoft confirmed that Storm-2603 is deploying Warlock ransomware via the exploit, urging immediate updates to on-premises SharePoint environments.
  • With a public exploit now available, automated attacks against unpatched systems are set to grow, increasing risk of widespread ransomware deployment, as CISA explained that `ToolShell’ provides unauthenticated access to systems and enables malicious actors to fully access SharePoint content… and execute code over the network.
Insights by Ground AI
Does this summary seem wrong?

59 Articles

Sud OuestSud Ouest
Center

Chinese Hackers Exploit a Security Flaw of a Widely Used Microsoft Software

Microsoft alerts about a security flaw in its SharePoint software, exploited by Chinese hackers to access sensitive data Several groups of Chinese hackers have exploited a

·France
Read Full Article
The HinduThe Hindu
+2 Reposted by 2 other sources
Lean Left

Risk highlighted as Chinese hackers hit Microsoft

Microsoft is at the centre of cybersecurity storm after China-linked hackers exploited flaws in SharePoint servers to target hundreds of organisations.

·India
Read Full Article
The RegisterThe Register
Center

Microsoft: SharePoint attacks now include ransomware

: Let the games begin

Read Full Article
CyberScoopCyberScoop
Center

Microsoft SharePoint attacks ensnare 400 victims, including federal agencies

The fallout from an attack spree targeting defects in on-premises Microsoft SharePoint servers continues to spread nearly a week after zero-day exploits were discovered, setting off alarms across the globe. More than 400 organizations have been actively compromised across four waves of attacks, according to Eye Security. Multiple government agencies, including the Departments of Energy, Homeland Security and Health and Human Services, have been …

Read Full Article
PC MagPC Mag
Lean Left

Microsoft SharePoint Flaw Is Being Abused to Spread Ransomware

It's not just data theft. A China-based hacking group is using a flaw in vulnerable SharePoint servers to deliver ransomware, Microsoft warns.

·United States
Read Full Article
QuartzQuartz
Center

Microsoft says the SharePoint hackers have escalated their attack with ransomware

Hackers have escalated their attack on SharePoint software with the use of ransomware, Microsoft said

·United States
Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 54% of the sources are Center
54% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

Bloomberg broke the news in United States on Wednesday, July 23, 2025.
Sources are mostly out of (0)

Similar News Topics

Microsoft icon

Microsoft

Hacking icon

Hacking

Business icon

Business

Technology icon

Technology

Cybercrimes icon

Cybercrimes

Cyber Security icon

Cyber Security

United States icon

United States

You have read 1 out of your 5 free daily articles.

Join millions of well-informed readers who use Ground to compare coverage, check their news blindspots, and challenge their worldview.

News
For You
SearchBlindspotLocal