This is a developing story, and we will update it with more information as it becomes available.
Worldwide cyberattacks are currently targeting a well-known vulnerability in Microsoft SharePoint, dubbed “ToolShell”. This weakness has been exploited not only in U.S. federal and state agencies but also in universities, energy firms, and a significant Asian telecommunications corporation.
Over fifty different entities, including the National Nuclear Security Administration (NNSA) and the Department of Energy, have encountered issues stemming from two newly uncovered vulnerabilities with zero-day status.
The National Nuclear Security Administration (NNSA) functions as a semi-independent entity within the Energy Department. Among its wide-reaching duties, the NNSA manufactures and decommissions nuclear weapons, engages in counterterrorism operations, and facilitates the transportation of nuclear weapons.
Based on what a well-informed source told Bloomberg, it appears that no confidential or secret data was leaked during the incident.
The Energy Department shared the following statement with Bloomberg:
Last Friday, July 18th, a previously undiscovered weakness in Microsoft SharePoint was exploited, causing some disruption to the Department of Energy. Fortunately, due to their extensive use of the Microsoft M365 cloud and robust cybersecurity measures, the impact was minimal, with only a few systems affected. These affected systems are currently being restored.
Microsoft disclosed further information regarding the cyber incident in a security article. This global technology company acknowledged detecting two identified Chinese state-affiliated entities leveraging weaknesses in SharePoint.
The actors, Linen Typhoon and Violet Typhoon, targeted internet-facing SharePoint servers.
These security flaws, identified as CVE-2025-53770 and CVE-2025-53771, only impact local (on-site) servers, leaving cloud-based servers unaffected.
Microsoft has issued out-of-band security updates to address the vulnerabilities.
Bloomberg noted that the full extent of the damage is not clear at this time.
According to Lotem Finkelstein, the Director of Threat Intelligence at Check Point Research, these attacks represent an immediate and ongoing danger. He highlighted that the existing weaknesses expose a significant number of organizations to potential harm.
Microsoft has made available security updates for all supported versions of SharePoint. It’s essential that these updates are installed now. In addition, the company provided advice for clients utilizing SharePoint Server.
Read More
- Gold Rate Forecast
- Wednesday Season 2 Completely Changes a Key Addams Family Character
- Best Season 10 PvE Build in New World: Aeternum
- 10 Most Badass Moments From Arrow
- Dynasty Warriors remastered title and Dynasty Warriors: Origins major DLC announced
- Age of Empires IV: Anniversary Edition coming to PS5 on November 4
- Black Phone 2 Review: The Sequel to Blumhouse’s $160M Hit Is a Disappointing Elm Street Copycat
- New Elder Scrolls 6 Details Emerge as Bethesda Confirms a 2nd Memorial Character
- Tom Holland Proved Why He Shouldn’t Be the New James Bond 3 Years Ago
- Timothee Chalamet heist film
2025-07-23 18:09