Security researchers say hackers have destroyed at least 400 organizations by exploiting a zero-day narrative to the number of found observers last week.
Eye security, a Dutch cybers company that first introduced vulnerability In SharePoint, a famous server software used by storage companies and sharing inner documents, say studied hundreds of affected Serpoints by Scanning the Internet. The number is raised from the dozens known as compromised servers such as Earlier this week.
Bloomberg REPORT That one of the affected organizations includes National Nuclear Security Administration (NNSA), the federal agency responsible for maintaining and developing the stockpile of the US nuclear. A spokesman for the Department of Energy, who cares NNSA, does not respond to the techcrunch request for comment.
many Other departments and government agencies Also compromised with an earlier wave of attack exploiting the SharePoint Bug, researchers confirmed. Data suggests the exploitation of hackers in vulnerability such as July 7.
The bug, officially known as CVE-2025-53770affects self-hosted versions companies set up and handle their own servers. Once exploited, the bug allows an attacker at a distance running damaging code on the affected server, allowing access to the company supporting files.
Violence is known as a Zero-day Because Microsoft didn’t have time to release patches before it was exploited. Microsoft has since released patches for all affected versions of Sharpoint.
Google and Microsoft say they have evidence that Chinese Chinese-backed groups take advantage of the bugBut warns companies to look forward to an uptick to compromise while more hacker groups seek to take advantage of vulnerability. The Chinese government denies the allegations.
TechCrunch event
San Francisco
|
October 27-29, 2025
