This is a developing story, and we will update it with more information as it becomes available.
Worldwide cyberattacks are currently targeting a well-known vulnerability in Microsoft SharePoint, dubbed “ToolShell”. This weakness has been exploited not only in U.S. federal and state agencies but also in universities, energy firms, and a significant Asian telecommunications corporation.
Over fifty different entities, including the National Nuclear Security Administration (NNSA) and the Department of Energy, have encountered issues stemming from two newly uncovered vulnerabilities with zero-day status.
The National Nuclear Security Administration (NNSA) functions as a semi-independent entity within the Energy Department. Among its wide-reaching duties, the NNSA manufactures and decommissions nuclear weapons, engages in counterterrorism operations, and facilitates the transportation of nuclear weapons.
Based on what a well-informed source told Bloomberg, it appears that no confidential or secret data was leaked during the incident.
The Energy Department shared the following statement with Bloomberg:
Last Friday, July 18th, a previously undiscovered weakness in Microsoft SharePoint was exploited, causing some disruption to the Department of Energy. Fortunately, due to their extensive use of the Microsoft M365 cloud and robust cybersecurity measures, the impact was minimal, with only a few systems affected. These affected systems are currently being restored.
Microsoft disclosed further information regarding the cyber incident in a security article. This global technology company acknowledged detecting two identified Chinese state-affiliated entities leveraging weaknesses in SharePoint.
The actors, Linen Typhoon and Violet Typhoon, targeted internet-facing SharePoint servers.
These security flaws, identified as CVE-2025-53770 and CVE-2025-53771, only impact local (on-site) servers, leaving cloud-based servers unaffected.
Microsoft has issued out-of-band security updates to address the vulnerabilities.
Bloomberg noted that the full extent of the damage is not clear at this time.
According to Lotem Finkelstein, the Director of Threat Intelligence at Check Point Research, these attacks represent an immediate and ongoing danger. He highlighted that the existing weaknesses expose a significant number of organizations to potential harm.
Microsoft has made available security updates for all supported versions of SharePoint. It’s essential that these updates are installed now. In addition, the company provided advice for clients utilizing SharePoint Server.
Read More
- Gold Rate Forecast
- Silver Rate Forecast
- How To Watch Under The Bridge And Stream Every Episode Of This Shocking True Crime Series Free From Anywhere
- BrokenLore: Ascend is a New Entry in the Horror Franchise, Announced for PC and PS5
- Taming Quantum Chaos: A Stochastic Approach to Many-Body Dynamics
- South Park Creators Confirm They Won’t Be Getting Rid of Trump Anytime Soon
- 7 1990s Sci-fi Movies You Forgot Were Awesome
- Sony to Stimulate Japanese PS5 Sales with Cheaper, Region-Locked Model
- 🚀 XRP to $50K? More Like a Unicorn Riding a Rainbow! 🌈
- Valve’s new Steam Machine is just a PC at heart — here’s how to build your own and how much it will cost
2025-07-23 18:09