Chinese Hackers Attack US Nuclear Weapons Agency Using SharePoint Loophole, Says Microsoft
The US National Nuclear Security Administration (NNSA), which is responsible for maintaining the country's nuclear weapons stockpile, was among the organisations breached. However, no sensitive or classified information is believed to have been compromised, Interesting Engineering reported, citing a source.
In a blogpost published on July 22, Microsoft noted that probes into other actors also using these exploits are still underway. "With the rapid adoption of these exploits, Microsoft assesses with high confidence that threat actors will continue to integrate them into their attacks against unpatched on-premises SharePoint systems."
The hackers exploited critical vulnerabilities in Microsoft's SharePoint software, specifically zero-day vulnerabilities, including CVE-2025-53770, to gain remote access to networks and steal credentials.
The affected customers are those who operate the software on their internal servers instead of Microsoft's cloud-based services.
"These attacks highlight the growing sophistication and global scale of cyber threats," Microsoft said.
"Early exploitation resembled government-sponsored activity, and then spread more widely to include hacking that looks like China," said Adam Meyers, senior vice president at CrowdStrike. Meyers further added that the extent of the campaign is still being analysed.
The attacks began on July 18, said an Energy Department spokesperson, further adding that damage was limited because of the department's use of Microsoft's cloud services. "Our systems are built with multiple levels of security," the official said as quoted.
Bloomberg reported that hackers also attacked other systems at the US Department of Education, Florida's Department of Revenue, and the Rhode Island General Assembly. However, these departments haven't confirmed or denied it yet.
The report mentioned that over 100 organisations have been compromised worldwide, including government agencies, energy companies, consulting firms and universities. The breaches have said to have affected organisations across multiple sectors and countries, including the US, Europe, and the Middle East.
Microsoft has released security updates addressing the exploited vulnerabilities and urged all customers to apply patches without delay. The company has also hired government security executives and holds weekly senior leadership meetings focused on improving software resilience.
"There were ways around the patches," said Vaisha Bernard, Eye Security's chief hacker and co-owner said as quoted. "That allowed these attacks to happen."
China denies allegations
The Chinese Embassy in Washington has denied the allegations. In a statement, the embassy said, "At the same time, we also firmly oppose smearing others without solid evidence."
"We hope that relevant parties will adopt a professional and responsible attitude when characterising cyber incidents, basing their conclusions on sufficient evidence rather than unfounded speculation and accusations."
The breach highlights the ongoing threat posed by Chinese state-sponsored cyber espionage operations allegedly targeting critical US infrastructure and the need for robust cybersecurity measures to protect sensitive government and corporate networks.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Time of India
2 hours ago
- Time of India
‘Buying Chinese products is indirectly funding enemy'
Nagpur: The 26th Kargil Vijay Diwas was held by Bhonsala Military School on Saturday. Deputy Commandant of the Army's Uttar Maharashtra and Gujarat (UMANG) sub-area, Brigadier Abhijit Valimbe, was the chief guest. Member of RSS' all India executive body (publicity wing), Mukul Kanitkar, was the keynote speaker. Addressing a gathering of over 400 students, Kanitkar said Indians who buy Chinese mobile phones are actually indirectly funding the enemy to procure the weapons that they used to martyr Indian soldiers in Doklam. "At Doklam, the Chinese troops hit the unarmed Indian soldiers with sticks wrapped with barbed wire. When I saw those images, I thought that such sticks could easily be procured for Rs 300 to 500 by them. The money to buy the sticks that were used to take the lives of Indian soldiers went from Indians' pockets. Even today, those who use Chinese brands are indirectly funding the enemy," he said. The items from toothpaste with which the day begins to the mosquito repellent coils that are burnt in the night should be completely Indian. Not only the Pakistan-occupied Kashmir (PoK) has to be taken back but even the areas like Tibet and Ladakh have to be freed from China. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like Easy Trick to Protect Your Kids From Mosquitoes (They Can't Stand This) Squito Stickers Undo When the British left the country, international boundaries were drawn merely on paper, and Indians were forced to accept it," said Kanitkar. He criticised the Shimla Pact between India and Pakistan that followed the 1971 war, calling it to be a disgrace. "I went to deliver a lecture at the Institute of Advanced Studies, the place where the Shimla Pact was signed. The hosts insisted I visit the room where the agreement was signed but I refused." Kanitkar also expressed concern about people becoming ignorant about national heroes. He said once, he went to Prayagraj and wanted to see the place where freedom fighter Chandrashekar Azad laid down his life. The place is still popularly known as Company Garden rather than Chandrashekhar Azad Park, though it has been named after him.
Time of India
2 hours ago
- Time of India
China PM warns against a global AI 'monopoly'
China PM warns against a global AI 'monopoly' China will spearhead the creation of an international organisation to jointly develop AI, the country's premier said, seeking to ensure that the world-changing technology doesn't become the province of just a few nations or companies. Artificial intelligence harbours risks from widespread job losses to economic upheaval that require nations to work together to address, Premier Li Qiang told the World Artificial Intelligence Conference in Shanghai on Saturday. That means more international exchanges, Beijing's No 2 official said during China's most important annual technology summit. Li didn't name any countries in his short address to kick off the event. But Chinese executives and officials have taken aim at Washington's efforts to curtail the Asian country's tech sector, including by slapping restrictions on the export of Nvidia chips crucial to AI development. On Saturday, Li acknowledged a shortage of semiconductors was a major bottleneck, but reaffirmed President Xi Jinping's call to establish policies to propel Beijing's ambitions. The govt will now help create a body - loosely translated as the World AI Cooperation Organization - through which countries can share insights and talent. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like The Most Beautiful Female Athletes Right Now Undo "Currently, key resources and capabilities are concentrated in a few countries and a few enterprises. If we engage in technological monopoly, controls and restrictions, AI will become an exclusive game for a small number of countries and enterprises," Li told hundreds of delegates huddled at the conference venue on the banks of Shanghai's iconic Huangpu river. China and the US are locked in a race to develop a technology with the potential to turbocharge economies and - over the long run - tip the balance of geopolitical power. This week, US President Donald Trump signed executive orders to loosen regulations and expand energy supplies for data centers - a call to arms to ensure companies like OpenAI and Google help safeguard America's lead in the post-ChatGPT era. At the same time, the breakout success of DeepSeek has inspired Chinese tech leaders and startups to accelerate research and roll out AI products. The weekend conference in Shanghai - gathering star founders, Beijing officials and deep-pocketed financiers by the thousands - is designed to catalyze that movement. The event, which has featured Elon Musk and Jack Ma in years past, was launched in 2018. This year's attendance may hit a record because it's taking place at a critical juncture in the global race to lead GenAI development. It's already drawn some notable figures: Nobel Prize laureate Geoffrey Hinton and former Google chief Eric Schmidt were among heavyweights who met Shanghai party boss Chen Jining Thursday, before they were due to speak at the event.
New Indian Express
2 hours ago
- New Indian Express
Agencies should adopt security-first approach, ensure habitual alertness: Union Minister Amit Shah
NEW DELHI: Asserting the government has the political will to have 'zero tolerance against terrorism', which was reaffirmed remarkably through 'Operation Sindoor'. Union Home Minister Amit Shah on Saturday asked the agencies to follow a security-first approach, ensure habitual alertness, and coordination an integral part of their working methodology. Speaking at the two-day 'National Security Strategy Conference – 2025' organised by the Intelligence Bureau, the Home Minister said, 'India is one of the fastest emerging economies, and with that, the challenges before the country are also increasing. We must stay more vigilant and tackle problems with heightened awareness.' Highlighting the importance of the Conference, Shah said, the deliberations at the event enable senior officers to guide young officers and familiarise them with challenges by showing them the path in finding solutions. 'Police forces of all states and central investigative agencies should move forward with the goal of becoming the best in the world,' he exhorted, while adding that to address the challenges coming before the nation, a reliable ecosystem for real-time data sharing must be established.
