China-backed hackers used Microsoft flaw in attacks, defenders say
The breaches in the United States and other countries took advantage of a disastrous security flaw that drew attention this month, after Microsoft issued a patch that fixed only part of the problem in SharePoint, which is widely used to coordinate work on documents and projects.
'We assess that at least one of the actors responsible for this early exploitation is a China-nexus threat actor,' said Charles Carmakal, chief technology officer of Google's Mandiant Consulting.
Another researcher, who, like others, spoke on the condition of anonymity because the inquiry is still underway, said federal investigators have evidence of U.S.-based servers linked to compromised SharePoint systems connecting to internet Protocol addresses inside China on Friday and Saturday.
The FBI, White House, and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency declined to comment Monday.
Two other responders working with the U.S. government said they had identified early attacks from China as well. The Chinese Embassy in Washington did not immediately respond to a request for comment.
The attacks allowed hackers to extract cryptographic keys from servers run by Microsoft clients. Those keys, in turn, would let them install anything, including back doors that they could use to return. Federal and state agencies were affected, researchers previously told The Washington Post, but it remains unclear which of them were vulnerable to follow-up attacks.
Only versions of SharePoint that are hosted by the customer, not those in the cloud, are vulnerable. Microsoft issued effective patches for the last of the exposed versions by Monday.
While installing the patches should prevent new intrusions, customers also need to change the machine's digital keys, apply anti-malware software and hunt for any breaches that have already occurred, Microsoft said.
Some of the early targets of the attack were entities that would interest the Chinese government, two of the responders said. But a wide range of attackers were now trying similar grabs, others said, looking to steal corporate secrets or install ransomware that encrypts key files until payments are made.
'It's critical to understand that multiple actors are now actively exploiting this vulnerability. We fully anticipate that this trend will continue, as various other threat actors, driven by diverse motivations, will leverage this exploit as well,' Carmakal said.
Piet Kerkhofs, CTO and co-founder of Europe-based Eye Security, said the SharePoint breaches share characteristics with other compromises that security researchers have attributed to China-based hackers.
For instance, hackers this month exploited a vulnerability in Citrix's NetScaler virtual desktop that some researchers saw being used by Chinese actors, Kerkhofs said. That hack was similar to the SharePoint compromise in that it turned a freshly discovered vulnerability into an 'exploit' or weapon — in 'extremely fast' order, 'hours to days,'' he said.
Another instance was China's global compromise of Microsoft Exchange email servers in early 2021. That case involved Chinese government-sponsored hackers conducting widespread exploitation of core Microsoft software — its Exchange email server software.
That breach has been attributed to group that Microsoft calls Silk Typhoon, which is linked to China's Ministry of State Security. It is one of the most technically advanced hacking groups in the world and has been striking sensitive U.S. targets at an increased rate in the past year, The Post reported last week.
Silk Typhoon has broken into multiple U.S. federal agencies in the past and more recently hit multiple ministries in Europe, The Post reported.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
7 minutes ago
- Yahoo
5 Breakout Growth Stocks You Can Buy and Hold for the Next Decade
Key Points Nvidia and TSMC are two of the best ways to play the growth in AI infrastructure. Meta Platforms and Toast are using AI to help drive growth. GitLab is helping transform the software development lifecycle. 10 stocks we like better than Nvidia › Investors looking for long-term winners should focus on companies with strong growth runways, clear competitive advantages, and the ability to adapt to evolving tech trends. Let's look at five breakout growth stocks that fit this bill that you can buy now and hold for the long term. 1. Nvidia Nvidia (NASDAQ: NVDA) is the undisputed leader in artificial intelligence (AI) infrastructure. Its graphics processing units (GPUs) have become the backbone of AI workloads, and it's hard to overstate the company's dominance. It captured an incredible 92% market share in Q1, and even at a $4 trillion market cap, Nvidia is still in growth mode. Its real moat isn't just its chips -- it's its CUDA software platform. CUDA is the main reason why the company is in the position it is in today. Nvidia pushed its free software platform into research labs and universities well before AI went mainstream. This led to developers being trained on CUDA, and tools and libraries being built on top of it that improve its chips' performance in handling AI tasks. Nvidia, meanwhile, recently got good news when the Trump administration indicated it would once again let it sell its H20 chips in China. The company is also pushing into new markets beyond AI, with the auto segment being another potential huge market with the advent of autonomous driving and robotaxis. As such, Nvidia remains a great growth stock to own for the long haul. 2. Taiwan Semiconductor Manufacturing Taiwan Semiconductor Manufacturing (NYSE: TSM) is the world's leading chip foundry, and its importance just keeps growing. Today, most advanced chipmakers just design chips, leaving their production to TSMC. That includes top names like Nvidia, AMD, Broadcom, and Apple. TSMC is benefiting from the AI surge, with high-performance computing (HPC) now making up 60% of its revenue -- up from 52% a year ago. The company is far ahead in advanced node manufacturing, and that lead keeps widening. Nodes refer to how many transistors can be fit on a chip, and the more dense a chip is, the more powerful and energy efficient it becomes. Chips built on 7-nanometer and smaller nodes made up 74% of TSMC's revenue last quarter, with 3nm chips accounting for 24%. With other foundries struggling, TSMC is the clear leader in the space due to its scale and technological expertise. As a result, it has been an invaluable partner to top chip designers. The great thing is that it doesn't matter which company takes market share, as they all use TSMC. With AI demand continuing to grow and new markets like autonomous driving emerging, TSMC looks like a cornerstone stock to own for the next decade. 3. Meta Platforms One company looking to win the AI battle is Meta Platforms (NASDAQ: META). Meta already owns one of the most powerful digital ad platforms in the world, and it is now using AI to supercharge it. Meta's Llama models are helping boost engagement across Facebook and Instagram, which means users are spending more time on the apps, leading to more ad inventory to sell. At the same time, its AI tools are helping advertisers build better campaigns and target users more precisely, leading to higher ad prices and stronger return on ad spend. But the biggest opportunities are still ahead. Meta is only just beginning to serve ads on WhatsApp and Threads. WhatsApp has more than 3 billion users, and Threads already has 350 million. Both are early in their ad rollouts, and that gives Meta a long runway for growth. Meanwhile, CEO Mark Zuckerberg is spending aggressively to secure AI talent, with a stated goal of delivering "personal superintelligence." That's a bold vision, but if Meta succeeds, it could become the most important AI platform in the world. That's a reason to own it for the long term. 4. GitLab GitLab (NASDAQ: GTLB) is transforming itself from a code repository into a full-blown software development lifecycle platform. Its platform now provides tools for planning, coding, testing, securing, deploying, and monitoring software, as it looks to become a single platform for the entire software development lifecycle. And it's doing this just as AI is fundamentally changing how code is written, tested, and deployed. Software development has been accelerating due to AI, and GitLab is becoming a key partner. GitLab 18 marked a big leap forward, with over 30 new features including Duo Agent, which allows AI agents to help across the full development lifecycle. That matters, because only about 20% of a developer's time is spent actually writing code. GitLab is now focused on helping drive efficiency everywhere else. In an AI-first software world, GitLab's position as an end-to-end workflow solution puts it in a strong spot. This looks like a strong growth story with a lot of upside potential in the years to come. 5. Toast Toast (NYSE: TOST) is growing in importance in the restaurant industry, as its software platform helps restaurants manage operations and drive sales. Meanwhile, the company is now integrating AI into its platform in a way that could meaningfully change how restaurants make decisions. Tools like ToastIQ and Sous Chef are helping restaurants make smarter, faster decisions in real time -- whether it's optimizing staffing, adjusting menus, or helping improve supply chains. It has even started piloting new modules to help restaurants upsell customers and improve their advertising with Google. Toast's value proposition is clear: It helps restaurants run better and make more money. Meanwhile, through its payment processing, it benefits when its customers succeed. As restaurants face rising costs and tighter margins, they're turning to tech to help, and Toast is becoming one of the first places they look. That said, the restaurant industry is large and fragmented, giving Toast plenty of room to continue to expand over the next decade. Should you invest $1,000 in Nvidia right now? Before you buy stock in Nvidia, consider this: The Motley Fool Stock Advisor analyst team just identified what they believe are the for investors to buy now… and Nvidia wasn't one of them. The 10 stocks that made the cut could produce monster returns in the coming years. Consider when Netflix made this list on December 17, 2004... if you invested $1,000 at the time of our recommendation, you'd have $636,628!* Or when Nvidia made this list on April 15, 2005... if you invested $1,000 at the time of our recommendation, you'd have $1,063,471!* Now, it's worth noting Stock Advisor's total average return is 1,041% — a market-crushing outperformance compared to 183% for the S&P 500. Don't miss out on the latest top 10 list, available when you join Stock Advisor. See the 10 stocks » *Stock Advisor returns as of July 21, 2025 Geoffrey Seiler has positions in GitLab and Toast. The Motley Fool has positions in and recommends Advanced Micro Devices, Apple, GitLab, Meta Platforms, Nvidia, Taiwan Semiconductor Manufacturing, and Toast. The Motley Fool recommends Broadcom. The Motley Fool has a disclosure policy. 5 Breakout Growth Stocks You Can Buy and Hold for the Next Decade was originally published by The Motley Fool
Yahoo
7 minutes ago
- Yahoo
China, US to extend tariff pause at Sweden talks by another 90 days, SCMP reports
(Reuters) -Beijing and Washington are expected to extend their tariff truce by another three months at trade talks in Stockholm beginning on Monday, the South China Morning Post (SCMP) reported on Sunday, citing people familiar with the matter. During the expected 90-day extension, the U.S. and China will agree not to introduce new tariffs or take other actions that could further escalate the trade war, the report said. While the earlier discussions in Geneva and London focused on "de-escalation", the latest meeting the Chinese delegation will also press Trump's trade team on fentanyl-related tariffs, the report further said, citing three sources familiar with the matter. Reuters could not immediately verify the report. The White House did not immediately respond to requests for comment. The third round of U.S.-China talks is set to be held in Stockholm on Monday to tackle longstanding economic disputes at the centre of the countries' trade war. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Miami Herald
9 minutes ago
- Miami Herald
Microsoft CEO makes bold statement on company's future
In a candid memo released July 24, Microsoft CEO Satya Nadella addressed what he called the issue "weighing heavily" on him: the company's ongoing layoffs. More than 15,000 Microsoft employees have been let go in 2025 alone, as part of what Nadella described as a necessary but painful restructuring in the age of AI. Don't miss the move: Subscribe to TheStreet's free daily newsletter The company also cut nearly 2,000 additional staff deemed "low performers" earlier this year. "I want to speak to what's been weighing heavily on me, and what I know many of you are thinking about: the recent job eliminations," he wrote. Related: OpenAI CEO Sam Altman says that ChatGPT is not the way to superintelligence Recall Nadella wrote a similar note in 2023 - shortly after the company paused raises and announced its first significant layoffs of the post-pandemic era. He faced criticism at the time for placing too much focus on the company's outperformance without acknowledging those difficult moves. Despite the cuts, investors have rewarded Microsoft's leaner operating model. The company's stock closed above $500 for the first time on July 9, a symbolic milestone that arguably underscores Wall Street's growing faith in Microsoft's AI strategy. In his July memo, Nadella used stark language to describe the current environment, stating: "This is the enigma of success in an industry that has no franchise value." "Progress isn't linear," he added. "It's dynamic, sometimes dissonant, and always demanding. But it's also a new opportunity for us to shape, lead through, and have greater impact than ever before." For the past decade, Microsoft (MSFT) has operated under a unifying purpose: to empower every person and every organization on the planet to achieve more. But Nadella says that vision now needs to evolve. Related: Analysts unveil bold Amazon stock price target before earnings "We must reimagine our mission for a new era," he wrote. "What does empowerment look like in the era of AI? It's not just about building tools for specific roles or tasks. It's about building tools that empower everyone to create their own tools." This shift reflects the company's broader transformation from a software-centric business to what Nadella calls an "intelligence engine empowering every person and organization to build whatever they need to achieve." Microsoft's strategy hinges on positioning itself at the center of the AI value chain. Its Azure cloud platform is rapidly becoming the infrastructure of choice for AI workloads. OpenAI, as well as other major AI labs and enterprises, use Microsoft's GPU-centric cloud services to train and deploy large models. Copilot, Microsoft's generative AI assistant, has also been integrated into Office, GitHub, and enterprise software suites. More Tech Stocks: Amazon tries to make AI great again (or maybe for the first time)Veteran portfolio manager raises eyebrows with latest Meta Platforms moveGoogle plans major AI shift after Meta's surprising $14 billion move By reframing Microsoft as a platform that enables AI-native innovation, Nadella aims to extend the company's dominance beyond cloud and productivity into the AI-native economy. Nadella's statement marks a strategic realignment that mirrors an entire industry in transition. As Microsoft retools its mission, the world is watching to see if it can balance innovation, values, and leadership in one of the most disruptive technological shifts in history. The Arena Media Brands, LLC THESTREET is a registered trademark of TheStreet, Inc.
