The federal government and cyberkurity researchers said that the new security bug found in the Microsoft Sharepoint in the attack.
US Cybersecurity Agency Cisa Sounds the alarm weekend The hacker is actively exploiting bug. Microsoft has not given the patch for all versions of sharing, leaving customers around the world can defend the remaining intrusions.
Microsoft said a bug, known as an official CVE-2025-53771Affect the Sharepoint version of the company who is set up and manages your own server. Sharepoint in order to save the company, share and manage internal files.
Microsoft said that working with security correction to prevent hackers exploiting vulnerability. The cemetery, described as “The Zero’s day“Because the vendors have no time to laying the bug before they are known, affect the version of the software as older server sharepoint 2016.
Unknown, but many servers are compromised so far, but there are small thousands for medium size business that depend on the software affected. According to Post WashingtonSome US Board, University, and energy companies have been breached in the attack.
Eye security, which First reveals the bug On Saturday, say that “Dozens” is active for Microsoft sharepoint Microsoft sharepoint Microsoft sharepoint. Bug, when exploited, allow hackers stealing a private digital lock to the fairy tale server without a need to invest in virus, and gain access to saved files and data. The security of the eye reminds that Sharepoint connects to another application, such as Outlook, Team, and OneDrive, which can enable network more compromised and theft data.
The security of the eye says that the bug includes a digital key handle that can be used to disguise a legitimate request on the server, the affected customer to move the digital key to prevent the server again.
Cisa and other people have requested the action of “trying to be recommended.” If there are no patch or mitigations, customers need to consider removing the affected system from the Internet.
“If you have Sharepoint (in-premont) exposed on the internet, you must consider you compromised, Michael’s head of Michael’s highlight ‘threat unit of 42 intelligence, in email to TechCrunch.
It is also known to carry out attacks on the Sharepoint server, but most recent in the string of the target Microsoft’s target in the last year.
In 2021, the Hacking group of supported China called Hafnium caught with a vulnerability found on the Exchange Email server that has been 16, allowing Hacking and Exfiltration emails and data contacts from your business around the world. Hackers compromised more than 60,000 servers, according to a Department of New Justice Department Accuse two Chinese citizens of operations.
The next two years, Microsoft confirmed the cyberattack in the cloud system, which could manage immediately, allowing a Chinese hacker to steal sensitive email calls Access allowed to your consumer email and enterprise email account held by the company.
Microsoft has also reported intrusions repeatedly from hackers related to the Russian government.
Do you know more about Sharepoint cybergettacks? Are you a customer affected? Contact the Inpilling Insiping through messages encrypted in Zackwhitker.137 on the signal.