Chinese Hackers Exploit Microsoft SharePoint Vulnerability in Global Cyberattack

July 22, 2025 at 01:00 PM

•

1 min read

Chinese Hackers Exploit Microsoft SharePoint Vulnerability in Global Cyberattack — Photo: Microsoft

TL;DR Summary

Microsoft has issued security updates for on-premises SharePoint servers to address active exploits by Chinese state-sponsored threat actors targeting vulnerabilities CVE-2025-49706 and CVE-2025-49704, which are being used to deploy web shells and steal machine keys. Organizations are urged to apply updates, enable AMSI and Defender Antivirus, rotate server keys, and monitor for indicators of compromise to prevent exploitation.

Topics:top-news #cve-2025-49704 #cve-2025-49706 #security #sharepoint-vulnerabilities #threat-actors #web-shell

Share this article

Disrupting active exploitation of on-premises SharePoint vulnerabilities Microsoft
China behind vast global hack involving multiple US agencies Politico
Microsoft says Chinese hacking groups exploited SharePoint vulnerability in attacks CNBC
Microsoft flaw ‘opens the door’ for hackers. It will be hard to close The Seattle Times
US Nuclear Weapons Agency Breached in Microsoft SharePoint Hack Bloomberg

Reading Insights

Total Reads

Unique Readers

Time Saved

12 min

vs 13 min read

Condensed

98%

2,421 → 58 words

Want the full story? Read the original article

Read on Microsoft

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights