Security researchers have discovered that hackers have breached at least 400 organizations by exploiting a zero-day vulnerability in Microsoft SharePoint. The vulnerability, officially known as CVE-2025-53770, was identified by Dutch cybersecurity firm Eye Security and affects self-hosted versions of SharePoint set up on company servers.
The bug allows an attacker to remotely run malicious code on the affected server, granting access to files stored inside and other systems on the wider network. Researchers say hackers have been exploiting this vulnerability since at least July 7, with the number of detected compromises rising sharply since it was discovered last week.
Several government departments and agencies were among the early victims of the attack, including the National Nuclear Security Administration (NNSA). However, a spokesperson for the Department of Energy confirmed that only a “very small number” of systems were impacted.
Microsoft has released patches for all affected SharePoint versions. Google and Microsoft warn companies to expect further compromises as more hacker groups seek to exploit the vulnerability. The Chinese government has denied allegations of involvement in the hacking.
Source: https://techcrunch.com/2025/07/23/hundreds-of-organizations-breached-by-sharepoint-mass-hacks