A zero-day vulnerability in Microsoft SharePoint has been exploited by hackers, leading to breaches in at least 400 organizations. Eye Security discovered this vulnerability, known as CVE-2025-53770, which allows remote code execution on self-hosted SharePoint servers. As a result of this bug, organizations including the National Nuclear Security Administration have been compromised. Evidence suggests that several China-backed hacking groups are responsible, and Microsoft has released patches for affected versions, urging organizations to secure their systems against further exploits.
Security researchers report that hackers have exploited a zero-day vulnerability in Microsoft SharePoint to breach at least 400 organizations, with cases rapidly increasing since its discovery.
The vulnerability, CVE-2025-53770, allows attackers to remotely execute malicious code on affected self-hosted SharePoint servers and access internal files and systems.
Eye Security identified the vulnerability in SharePoint, and after scanning the internet, they found hundreds of compromised servers, with the figure rising from dozens earlier this week.
Google and Microsoft have linked the exploitation of the SharePoint vulnerability to multiple China-backed hacking groups, warning of an anticipated rise in breaches.
Collection
[
|
...
]