Security researchers say hackers have violated at least 400 organizations by taking advantage of a zero -day vulnerability at Microsoft SharePoint, marking a sharp increase in the number of detected compromises since the error was discovered last week.
Eye security, a Dutch cyber security company first identified vulnerability At SharePoint, a popular server software that companies use to store and exchange internal documents, they said that it had identified hundreds of servers affected by SharePoint with internet scanning. The number has increased by dozens of well -known registered servers from earlier this week.
Parachute reports That one of the affected organizations includes the National Nuclear Security Agency (NNSA), the federal service responsible for the maintenance and development of the US nuclear weapons stock. Ben Dietderich, a spokesman for the Ministry of Energy, who houses the NNSA, confirmed that the department was “a little influenced” and that a “very small number of systems” was affected.
Several other government departments and organizations were also at stake in an early wave of attacks that exploit the SharePoint error, the researchers confirmed. The data indicate that hackers have exploited the vulnerability as early as July 7.
The error officially known as CVE-2025-53770It affects the self-controlled versions of SharePoint that companies create and manage their own servers. Once exploited, the error allows an intruder to perform remote malware in the affected server, allowing access to the files stored in, as well as other systems on the company’s wider network.
The vulnerability is known as zero day, because Microsoft had no time to release the patches before its exploitation. Microsoft has since released patches for all of the affected SharePoint versions.
Google and Microsoft say they have evidence that several China -backed hacking groups are exploiting the error, but warned that companies are expecting a upward trend in compromises as more hacker groups seek to benefit from vulnerability. The Chinese government denied allegations.
TechCrunch event
Francisco
|
27-29 October 2025
Was informed by comments from the Ministry of Energy.
