Chinese hackers targeting SharePoint flaw for weeks, Microsoft says
Why it matters: Microsoft and security researchers didn't uncover the vulnerability until this past weekend, leaving thousands of customers exposed to potential nation-state hacking.
Driving the news: Microsoft said in a blog post Tuesday that it's observed three China-based hacking teams — two of which are based within the Chinese government — attempting to break into companies' networks using the SharePoint flaw.
Microsoft tracks those groups under the names Linen Typhoon, Violet Typhoon and Storm-2603. Each cybersecurity company has their own naming convention for hacking teams based on their own internal data and telemetry.
Google's Mandiant also said Monday that it has observed at least one China-backed group targeting the SharePoint flaws, but that multiple threat actors have started getting involved.
Catch up quick: Over the weekend, Microsoft and several researchers warned about a new flaw in SharePoint servers that only affects those who use the technology on-premise, or on their own servers and not in the shared Microsoft cloud.
The vulnerability could allow hackers to access content stored in SharePoint and execute code.
Some experts also said they've seen hackers stealing machine keys when they break in, which would allow them to break back-in even after the SharePoint flaw is patched.
So far, victims have included the Education Department, national governments in Europe and the Middle East, universities, energy companies and an Asian telecommunications firm, according to news reports.
Zoom in: Linen Typhoon and Violet Typhoon are both government hacker teams that focus on espionage and stealing intellectual property, according to Microsoft.
Storm-2603 takes a different approach and is known for stealing machine keys and deploying ransomware onto victims' devices. Microsoft says it's unclear what this hacking group's motives are.
The Chinese Embassy did not immediately respond to a request for comment.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Engadget
26 minutes ago
- Engadget
Brave and AdGuard now block Microsoft Recall by default
The Brave web browser and the ad-blocker AdGuard have both announced that they are blocking Microsoft Recall by default . For the uninitiated, Recall is an AI-powered tool that accompanies Windows 11 and it records everything on a PC's screen . It's pretty obvious why a privacy-minded web browser like Brave and an ad-blocker would make this move. AdGuard said the decision was made due to a "privacy concern," going on to say that "the very idea of background screen captures is unsettling." A blog post on the matter suggested that the tool could "snap a screenshot of a private chat window, an online form where you're entering your credit card or simply something personal you didn't want saved." 🚨 Microsoft Recall — new threat or improvement? In May 2024, Microsoft introduced a new feature in Windows 11 that was actively taking screenshots of everything happening on the screen, including messages in WhatsApp and Signal. These screenshots were stored on the device… — AdGuard (@AdGuard) July 15, 2025 Brave also cited privacy concerns, suggesting that a user's "entire browsing history" could be captured by the tool. "We think it's vital that your browsing activity on Brave does not accidentally end up in a persistent database, which is especially ripe for abuse in highly-privacy-sensitive cases," the company wrote in a blog post. The chat app Signal made a similar move back in May , urging "AI teams building systems like Recall" to think "through these implications more carefully in the future." Brave says it was "partly inspired" by Signal. AdGuard and Brave both offer toggles to bring Recall back into the mix. Microsoft's controversial tool lets people jump to whatever was previously on a screen. This includes web pages, images, documents, emails, chat threads or whatever else. It actually sounds like a pretty nifty productivity tool, despite the privacy concerns. It's available with some Copilot+ PCs. If you buy something through a link in this article, we may earn commission.
Los Angeles Times
26 minutes ago
- Los Angeles Times
Intel plans to shed thousands of workers
Intel Corp. is shedding thousands of workers and cutting expenses as its new CEO works to revive the fortunes of the struggling chipmaker that helped launch Silicon Valley but has fallen behind rivals like Nvidia Corp. and Advanced Micro Devices Inc. In a memo to employees Thursday, CEO Lip-Bu Tan said the Santa Clara, Calif. company plans to end the year with 75,000 'core' workers excluding subsidiaries, through layoffs and attrition. That's down from 99,500 core employees at the end of last year. The company previously announced a 15% workforce reduction. 'I know the past few months have not been easy. We are making hard but necessary decisions to streamline the organization, drive greater efficiency and increase accountability at every level of the company,' Tan wrote. In addition, Intel will scrap previously planned projects in Germany and Poland and also move assembly and test operations in Costa Rica to larger sites in Vietnam and Malaysia. Costa Rica will remain a 'home to key engineering teams and corporate functions,' Tan said in the memo. In the U.S., the company said it will 'further' slow construction of a semiconductor plant in Ohio. Founded in 1968 at the start of the PC revolution, Intel missed the technological shift to mobile computing triggered by Apple's 2007 release of the iPhone, and it's lagged more nimble chipmakers. Intel's troubles have been magnified since the advent of artificial intelligence — a booming field where the chips made by once-smaller rival Nvidia have become tech's hottest commodity. The Santa Clara, California-based company's market cap was $98.71 billion as of the market close on Thursday, compared with Nvidia's $4.24 trillion. Tan said Intel is focusing on its 'core product portfolio' and artificial intelligence offerings to better serve customers. 'There are no more blank checks,' Tan wrote. 'Every investment must make economic sense.' For the second quarter, Intel reported a loss of $2.9 billion, or 67 cents per share, down from a loss of $1.6 billion, or 38 cents per share, a year earlier. Excluding one-time items, the company posted a loss of 10 cents a share. Revenue was flat at $12.9 billion. Analysts, on average, were expecting adjusted earnings of 1 cent per share on revenue of $12 billion, according to a poll by FactSet. Ortutay writes for the Associated Press.
Los Angeles Times
26 minutes ago
- Los Angeles Times
Lyft plans to launch Benteler autonomous shuttles in U.S. in 2026
Lyft Inc. is partnering with Benteler Group, an Austria-based manufacturer, to deploy autonomous shuttles in the US in late 2026, trying to catch up with rival Uber Technologies Inc. in offering driverless rides. The ride-sharing company will test Benteler's Holon urban electric shuttles for US customers next year, and may expand to thousands of vehicles in more markets globally. The driverless shuttles will initially be deployed in partnership with airports and cities, Lyft said Friday in a statement, dovetailing with the company's recent revival of pooled rides at US airports. Lyft said it will also work with a Benteler sister company, Benteler Trading International, to provide vehicle ownership and financing in the 'tens of millions of dollars' for future fleet expansion. Similar to the robotaxis developed by Inc.'s Zoox, the Holon shuttle is built without regular driving controls like a steering wheel, pedals and windshields. It also has inward-facing seats and can accommodate as many as nine seated and six standing passengers. Last November, Holon sought a temporary exemption from the US National Highway Traffic Safety Administration for some of its requirements for vehicle driver controls. The agency hasn't yet made a decision on the petition. According to Benteler's website, the Holon urban vehicle uses autonomous driving technology from Intel Corp.-backed Mobileye Global Inc. Lyft has a separate driverless partnership deal with Mobileye, which is scheduled to begin as soon as next year in Dallas. No car manufacturing partner has yet been announced for that partnership, and Lyft said Benteler isn't the automaker for that arrangement. Lyft is signing partnerships with autonomous carmakers and technology providers as it prepares to offer its first driverless rides in Atlanta later this year with May Mobility. Meanwhile, Uber already offers driverless rides in Phoenix, Austin and Atlanta in partnership with Alphabet Inc.'s Waymo, as well as in Abu Dhabi with WeRide Inc., with more launches planned globally over the next few years. The rideshare companies have moved away from trying to develop driverless technology in-house, and now want to use the real-time routing expertise it has honed over the years to help carmakers fill their driverless fleets with customers. Lyft said in the statement that it sees Benteler, a maker of automotive and steel products, as a partner with 'extensive production capabilities' that can support its driverless strategy with multiple vehicle types beyond shuttles. Holon's first US manufacturing facility for autonomous shuttles is expected to be completed in 2026 in Jacksonville, Florida, according to an announcement last year by Benteler. Lung writes for Bloomberg.
