This is a developing story, and we will update it with more information as it becomes available.
Worldwide cyberattacks are currently targeting a well-known vulnerability in Microsoft SharePoint, dubbed “ToolShell”. This weakness has been exploited not only in U.S. federal and state agencies but also in universities, energy firms, and a significant Asian telecommunications corporation.
Over fifty different entities, including the National Nuclear Security Administration (NNSA) and the Department of Energy, have encountered issues stemming from two newly uncovered vulnerabilities with zero-day status.
The National Nuclear Security Administration (NNSA) functions as a semi-independent entity within the Energy Department. Among its wide-reaching duties, the NNSA manufactures and decommissions nuclear weapons, engages in counterterrorism operations, and facilitates the transportation of nuclear weapons.
Based on what a well-informed source told Bloomberg, it appears that no confidential or secret data was leaked during the incident.
The Energy Department shared the following statement with Bloomberg:
Last Friday, July 18th, a previously undiscovered weakness in Microsoft SharePoint was exploited, causing some disruption to the Department of Energy. Fortunately, due to their extensive use of the Microsoft M365 cloud and robust cybersecurity measures, the impact was minimal, with only a few systems affected. These affected systems are currently being restored.
Microsoft disclosed further information regarding the cyber incident in a security article. This global technology company acknowledged detecting two identified Chinese state-affiliated entities leveraging weaknesses in SharePoint.
The actors, Linen Typhoon and Violet Typhoon, targeted internet-facing SharePoint servers.
These security flaws, identified as CVE-2025-53770 and CVE-2025-53771, only impact local (on-site) servers, leaving cloud-based servers unaffected.
Microsoft has issued out-of-band security updates to address the vulnerabilities.
Bloomberg noted that the full extent of the damage is not clear at this time.
According to Lotem Finkelstein, the Director of Threat Intelligence at Check Point Research, these attacks represent an immediate and ongoing danger. He highlighted that the existing weaknesses expose a significant number of organizations to potential harm.
Microsoft has made available security updates for all supported versions of SharePoint. It’s essential that these updates are installed now. In addition, the company provided advice for clients utilizing SharePoint Server.
Read More
- Ryan Lochte Gets Cozy With New Woman Amid Kayla Reid Divorce
- How Much Does a PS5 Equivalent PC Cost in 2025?
- Xbox’s Forza Horizon 5 Sold an Outrageous 2 Million Copies on PS5 in a Month
- xAI’s $300/month Grok 4, billed as a “maximally truth-seeking AI” — seemingly solicits Elon Musk’s opinion on controversial topics
- Why Stephen Baldwin Is “Blessed” By Justin & Hailey Bieber’s Marriage
- Microsoft has a new way to use AI in OneNote — but a “dumb” feature excites me more
- Gold Rate Forecast
- Anime’s Greatest Summer 2024 Shonen Hit Drops New Look Ahead of Season 2
- Lewis Capaldi Details “Mental Episode” That Led to Him “Convulsing”
- BTC PREDICTION. BTC cryptocurrency
2025-07-23 18:09