Microsoft is deploying Baseline Security Mode across Microsoft 365 tenants to centralize security policies for Office, SharePoint, Exchange, Teams, and Entra. It helps administrators assess vulnerabilities, enforce policies, and improve security posture with minimal disruption. Full rollout is expected by late January 2026.
Microsoft's August Patch Tuesday addresses 111 issues, including 12 critical vulnerabilities with remote code execution risks, notably in Windows, SharePoint, and Office. Adobe also released patches for 68 CVEs across its products. Other tech giants like SAP, Intel, and Google issued updates fixing multiple vulnerabilities, emphasizing ongoing cybersecurity efforts. Despite no active exploits reported, the severity of these flaws warrants prompt patching to prevent potential attacks.
This weekly cybersecurity recap highlights ongoing threats including Chinese-backed SharePoint zero-days, North Korean IT worker schemes, malware campaigns targeting cloud and crypto users, and law enforcement disruptions of cybercriminal groups, emphasizing the evolving landscape of trust-based attacks and the importance of proactive defense measures.
Microsoft is investigating whether a leak from its early alert system for cybersecurity partners, the Microsoft Active Protections Program (MAPP), allowed Chinese hackers to exploit vulnerabilities in SharePoint before they were patched. The breach has affected over 400 entities worldwide, with suspected involvement of Chinese state-sponsored groups. Past incidents suggest potential leaks from MAPP, raising concerns about security and transparency, especially given Chinese laws requiring rapid vulnerability reporting and the involvement of Chinese companies in government-linked vulnerability programs.
Microsoft reports that the threat group Storm-2603, suspected to be China-based, is exploiting SharePoint vulnerabilities (CVE-2025-49706 and CVE-2025-49704) to deploy Warlock ransomware, using web shells, credential harvesting, and lateral movement techniques. Users are advised to update SharePoint, apply security patches, and implement security best practices to mitigate the threat.
A China-based hacking group, Storm-2603, is exploiting vulnerabilities in Microsoft SharePoint servers to deploy Warlock ransomware, affecting over 420 servers globally and targeting various U.S. government agencies and organizations, with Microsoft urging immediate security updates.
Microsoft announced that a cyber-espionage group called Storm-2603 is exploiting vulnerabilities in SharePoint server software to deploy ransomware, leading to at least 400 known victims including U.S. government agencies, marking a significant escalation in the campaign.
The Department of Homeland Security was affected by a cyberattack exploiting a zero-day vulnerability in Microsoft SharePoint, with multiple federal agencies potentially compromised. The attack, linked to Chinese state-aligned groups, involved unpatched systems and targeted sensitive government information. Microsoft has issued patches, and authorities are assessing the scope of the breach.
A cyber-espionage campaign exploiting vulnerabilities in Microsoft's SharePoint server software has affected around 400 organizations, up from 100, with many victims still undisclosed. The attack, linked to Chinese hackers, began after Microsoft failed to fully patch a security flaw, leading to widespread server compromises including at the NIH.
Hackers have exploited a zero-day vulnerability in Microsoft SharePoint that allows remote code execution and data access, breaching at least 400 organizations including government agencies like the NNSA. Microsoft has issued patches, but the attack highlights ongoing cybersecurity risks, especially from China-backed groups, with an increase in compromises expected.
Microsoft knew of a critical SharePoint security flaw identified in May but released a patch that failed to fully fix it, leading to a global cyber espionage operation targeting around 100 organizations, with Chinese hacking groups exploiting the vulnerability despite Microsoft's efforts to patch it.
Microsoft has identified Chinese hacking groups Linen Typhoon, Violet Typhoon, and Storm-2603 exploiting vulnerabilities in SharePoint Server, prompting security updates and urging immediate patching to prevent further attacks, which target organizations for espionage and intellectual property theft.
Microsoft has linked recent SharePoint server attacks to Chinese state-affiliated hacking groups, with vulnerabilities exploited to access sensitive data. Microsoft released patches for affected SharePoint versions, as investigations continue into ongoing threats from these groups, including Linen Typhoon, Violet Typhoon, and Storm-2603.
Microsoft has accused Chinese state-sponsored groups of exploiting vulnerabilities in SharePoint software to target various organizations, including government and corporate entities, with new security updates issued to address these zero-day exploits. The attacks highlight ongoing Chinese cyber espionage efforts, with impacts across multiple countries and sectors, amid broader concerns over Chinese cyber campaigns.
Google and Microsoft have identified Chinese-backed hacking groups exploiting a zero-day vulnerability in Microsoft SharePoint to steal data and plant malware, prompting urgent patching efforts worldwide, with multiple organizations already compromised.