This is a developing story, and we will update it with more information as it becomes available.
Worldwide cyberattacks are currently targeting a well-known vulnerability in Microsoft SharePoint, dubbed “ToolShell”. This weakness has been exploited not only in U.S. federal and state agencies but also in universities, energy firms, and a significant Asian telecommunications corporation.
Over fifty different entities, including the National Nuclear Security Administration (NNSA) and the Department of Energy, have encountered issues stemming from two newly uncovered vulnerabilities with zero-day status.
The National Nuclear Security Administration (NNSA) functions as a semi-independent entity within the Energy Department. Among its wide-reaching duties, the NNSA manufactures and decommissions nuclear weapons, engages in counterterrorism operations, and facilitates the transportation of nuclear weapons.
Based on what a well-informed source told Bloomberg, it appears that no confidential or secret data was leaked during the incident.
The Energy Department shared the following statement with Bloomberg:
Last Friday, July 18th, a previously undiscovered weakness in Microsoft SharePoint was exploited, causing some disruption to the Department of Energy. Fortunately, due to their extensive use of the Microsoft M365 cloud and robust cybersecurity measures, the impact was minimal, with only a few systems affected. These affected systems are currently being restored.
Microsoft disclosed further information regarding the cyber incident in a security article. This global technology company acknowledged detecting two identified Chinese state-affiliated entities leveraging weaknesses in SharePoint.
The actors, Linen Typhoon and Violet Typhoon, targeted internet-facing SharePoint servers.
These security flaws, identified as CVE-2025-53770 and CVE-2025-53771, only impact local (on-site) servers, leaving cloud-based servers unaffected.
Microsoft has issued out-of-band security updates to address the vulnerabilities.
Bloomberg noted that the full extent of the damage is not clear at this time.
According to Lotem Finkelstein, the Director of Threat Intelligence at Check Point Research, these attacks represent an immediate and ongoing danger. He highlighted that the existing weaknesses expose a significant number of organizations to potential harm.
Microsoft has made available security updates for all supported versions of SharePoint. It’s essential that these updates are installed now. In addition, the company provided advice for clients utilizing SharePoint Server.
Read More
- Welcome to Demon School! Iruma-kun season 4 release schedule: When are new episodes on Crunchyroll?
- TV legend Carol Kirkwood reveals the reasons why she decided to retire after 28 years with BBC
- Why is Tech Jacket gender-swapped in Invincible season 4 and who voices her?
- Dune 3 Gets the Huge Update Fans Have Been Waiting For
- Highly Anticipated Strategy RPG Finally Sets Release Date (And It’s Soon)
- The Super Mario Galaxy Movie: 50 Easter Eggs, References & Major Cameos Explained
- Sydney Sweeney’s The Housemaid 2 Sets Streaming Release Date
- All 13 Smash Bros. Characters in the Super Mario Galaxy Movie
- The OG Resident Evil 1, 2 and 3 Are Now Available on Steam With a Heavy Discount (and DRM)
- Crimson Desert – 15 Things I Wish I Knew Before Diving In
2025-07-23 18:09