Microsoft SharePoint Vulnerabilities Exploited in Widespread Ransomware Attacks

TL;DR Summary
Microsoft reports that the threat group Storm-2603, suspected to be China-based, is exploiting SharePoint vulnerabilities (CVE-2025-49706 and CVE-2025-49704) to deploy Warlock ransomware, using web shells, credential harvesting, and lateral movement techniques. Users are advised to update SharePoint, apply security patches, and implement security best practices to mitigate the threat.
- Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems (The Hacker News)
- Disrupting active exploitation of on-premises SharePoint vulnerabilities (Microsoft)
- DHS and HHS among federal agencies hacked in Microsoft Sharepoint breach (CBS News)
- Chinese Hackers Are Exploiting Flaws in Widely Used Software, Microsoft Says (The New York Times)
- Microsoft Hack Hits Hundreds of Firms, Agencies as Damage Spreads (Yahoo Finance)