Microsoft Issues Alert After Critical SharePoint Server Attacks
Newsweek AI is in beta. Translations may contain inaccuracies—please refer to the original content.
Microsoft has issued an urgent security alert warning of "active attacks" targeting SharePoint servers used by government agencies and businesses worldwide.
The attacks, discovered over the weekend, exploit a previously unknown vulnerability in the document-sharing software, prompting immediate action from both Microsoft and federal investigators.
The Federal Bureau of Investigations (FBI) told Newsweek on Sunday that it is aware of the incidents and working with federal and private-sector partners to address the threat. The Washington Post first reported the hacks, citing unidentified actors who exploited the flaw to target U.S. and international agencies and businesses over the past few days.
Newsweek reached out to Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) on Sunday via email for comment.
Why It Matters
This zero-day attack represents a significant cybersecurity threat to organizations relying on SharePoint for internal document management and collaboration.
The vulnerability affects government agencies, schools, healthcare systems including hospitals, and large enterprise companies, with attackers bypassing multi-factor authentication and single sign-on protections to gain privileged access.
What To Know
The vulnerability affects only on-premises SharePoint servers used within organizations, not Microsoft's cloud-based SharePoint Online service.
Michael Sikorski, CTO and Head of Threat Intelligence for Unit 42 at Palo Alto Networks, told Newsweek in an email statement that "attackers are bypassing identity controls, including MFA and SSO, to gain privileged access. Once inside, they're exfiltrating sensitive data, deploying persistent backdoors, and stealing cryptographic keys."
According to Sikorski, the attackers have already established footholds in compromised systems, making patching alone insufficient to fully remove the threat. The compromise extends beyond SharePoint due to its deep integration with Microsoft's platform, including Office, Teams, OneDrive and Outlook. "What makes this especially concerning is SharePoint's deep integration with Microsoft's platform," Sikorski said. "A compromise doesn't stay contained—it opens the door to the entire network."
Microsoft has released a security update for SharePoint Subscription Edition and is developing patches for 2016 and 2019 versions. The company recommends organizations that cannot immediately apply protective measures should disconnect their servers from the internet until updates become available.
FILE - A Microsoft sign and logo are pictured at the company's headquarters, Friday, April 4, 2025, in Redmond, Wash.
FILE - A Microsoft sign and logo are pictured at the company's headquarters, Friday, April 4, 2025, in Redmond, Wash.
(AP Photo/Jason Redmond, File
What People Are Saying
Microsoft Security Team in a statement: "We recommend security updates that customers should apply immediately."
Michael Sikorski, CTO and Head of Threat Intelligence for Unit 42 at Palo Alto Networks, told Newsweek: "If you have SharePoint on-prem exposed to the internet, you should assume that you have been compromised at this point. This is a high-severity, high-urgency threat. We are urging organizations who are running on-prem SharePoint to take action immediately and apply all relevant patches now and as they become available, rotate all cryptographic material, and engage professional incident response."
The Cybersecurity and Infrastructure Security Agency said on Sunday: "CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the new Common Vulnerabilities and Exposures (CVE), CVE-2025-53770, is a variant of the existing vulnerability CVE-2025-49706 and poses a risk to organizations. This exploitation activity, publicly reported as "ToolShell," provides unauthenticated access to systems and enables malicious actors to fully access SharePoint content, including file systems and internal configurations, and execute code over the network."
The FBI told Newsweek in an email response that they are: "Aware of the attacks and working closely with federal and private-sector partners," though they declined to provide additional operational details.
What Happens Next
Organizations using affected SharePoint versions face immediate decisions about disconnecting servers from the internet until patches become available.
Palo Alto Networks is actively notifying affected customers and working closely with Microsoft's Security Response Center to provide updated threat intelligence. Microsoft continues developing patches for older SharePoint versions, with timeline details yet to be announced.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Android Authority
an hour ago
- Android Authority
Your Android phone can now control more of your PC, and here's how
Tushar Mehta / Android Authority TL;DR Microsoft is updating its Link to Windows app on Android, enabling you to access your PC more easily. The update allows you to view the PC's battery status, recent files, and clipboard from your Android devices. The update also allows you to lock your Windows PCs remotely using your phone. Microsoft's Phone Link is the closest (and most trustworthy) means to create an Apple-like continuity between your Android phone and a Windows PC. The app already allows you to view your phone's notifications, messages, and media on your PC, take calls, and share files between both devices. The Android device, however, gets limited functionality, which Microsoft may now be looking to change. On the Android side, Microsoft's Link to Windows app serves as the terminal for creating and managing the cross-device connectivity features. Since it is already popular, with over a billion downloads on the Play Store, Microsoft could improve its service by adding features that enable remote control of the PC from a mobile device. Microsoft recently announced a significant update to the Link to Windows app. The update introduces new features, including the ability to remotely lock your Windows PC from a connected phone, check vitals such as battery and Wi-Fi status, or cast your phone's screen without interacting with the PC app. These features were previously spotted in Windows' dev channels and are now being rolled out to more users through the broader Insider channels. Along with these improvements, the Link to Windows can now be used to send files directly, without relying separately on Android's share sheet. More excitingly, the Link to Windows app will now also allow you to view recent files and access your PC's clipboard on your phone. The Android app is also getting an updated interface, as seen below: Microsoft Microsoft isn't rolling these features out to the stable channels of Windows 11 just yet, and you must be using one of the Insider builds to enjoy them. Alternatively, you can sign up to be a Windows Insider. Additionally, you will need to sign up for the beta for Link to Windows on the Play Store by scrolling down on the app listing, such that you are running version 1.25071.155 of the app on your phone. Lastly, once you have completed these requirements, go to Windows Settings > Bluetooth & devices > Mobile devices > Manage devices on your PC, select your Android device, and enable the required toggles to access the new features on your phone.
Tom's Guide
6 hours ago
- Tom's Guide
Is Steam Deck 2 secretly the next-gen PlayStation handheld? Valve and Sony's rumored partnership could make it happen, and I'm all for it
Rumors of Valve's most-wanted Steam Deck 2 are heating up, with the next-gen gaming handheld tipped to be in the works. But there's another conversation that's caught my attention — and it involves a rumored partnership between Sony and Valve. Gaming handhelds are picking up steam, with Microsoft teaming up with Asus to deliver a ROG Xbox Ally and Ally X this year, the Lenovo Legion Go S with SteamOS acting as a spiritual successor to the Steam Deck and the AMD Ryzen Z2 Extreme in the MSI Claw A8 expected to pack some serious power. Oh, and not to mention the Nintendo Switch 2. Then there's Sony with its PlayStation Portal. Streaming PS5 games on what is basically a DualSense controller with a screen slapped in the middle has its merits, but it's not exactly the next-gen PlayStation handheld fans have been waiting for. But what if the rumored Steam Deck 2 could act as the next PlayStation handheld? Well, considering speculation surrounding a subtle but clear Sony and Valve partnership (as per YouTuber Moore's Law is Dead), it isn't out of the realm of possibility. In fact, considering Sony's support of its own first-party titles on Steam already, the Steam Deck 2 could be Sony's answer to a next-gen PlayStation handheld. There's now a good selection of the latest PlayStation-first games on PC, with God of War Ragnarök, Ghost of Tsushima, Ratchet & Clank: Rift Apart, Helldivers 2, Returnal, Spider-Man and the recent Stellar Blade making their way over to Steam. Much of this is thanks to Sony's own Nixxes Software, who take on porting PS games to PC (and masterfully, too). The developers were behind bringing The Last of Us Part II to PC, and it was Naughty Dog who told me that TLOU Part II is "perfect" for Steam Deck. And yes, it is Steam Deck verified, with the developers prioritizing this to make sure Deck owners could play this graphically demanding game on the go. But that's not the only title that's been verified, and you'll find nearly all PS games are fit to be played on Steam Deck — and it shows Sony's support. Of course, Sony would want its games to work well on PC, as a terribly optimized game wouldn't go down well. But it's clear PlayStation offers big support for its games on Valve's Steam Deck, and on Steam in general, since it's the only other platform that delivers PlayStation exclusives. With this in mind, having a more powerful Steam Deck 2 to play the latest PlayStation titles would be hugely beneficial, and it makes Valve's rumored gaming handheld somewhat of a de facto next-gen PlayStation handheld. Plus, with the now-leaked AMD "Magnus" Zen 6 APU tipped to power the rumored PS6, and possibly a form of this chip on the Steam Deck 2 or Valve's rumored Steam Box, there's a lot of crossover to allow PlayStation games to run more easily on Steam platforms. For now, this is all just wishful thinking, but there have been murmurs of a next PlayStation handheld coming. And apparently, it's set to launch alongside the PS6. I'm all for a Steam Deck 2 being the way to play PS titles, but if Sony has another PS Vita up its sleeve that can run games natively, then I'll welcome it with open arms. Rumor has it that it may even support AI upscaling tech, similar to the PS5 Pro's PSSR (PlayStation Spectral Super Resolution). As noted by leaker KeplerL2, the next PlayStation handheld is expected to arrive with 16GB of DDR5X RAM, a third of the base PS5's memory bandwidth (4MB of L2 cache but with 16 MB of MALL cache) and will be powered by an AMD chip. That's yet another nod to AMD's upcoming chipsets. Now, there's no official word on Sony bringing out another handheld, and we may not end up seeing one after all. But if that's the case, perhaps the Steam Deck 2 could fill its shoes instead. And with Valve making sure its next hardware release offers a big enough performance leap (via The Verge), playing PlayStation games on a Steam Deck 2 is sure to be a treat. Follow Tom's Guide on Google News to get our up-to-date news, how-tos, and reviews in your feeds. Make sure to click the Follow button.
Business Insider
6 hours ago
- Business Insider
Surge AI's CEO says he would never hire these 2 roles at an early-stage startup
Product managers and data scientists have no place on a founding team, said Surge AI's CEO, Edwin Chen. Chen said on an episode of "No Priors Podcast" published Thursday that he often hears early-stage founders list the roles among their first five to 10 hires. "This is just wild to me," he said. Chen, who used to be a data scientist himself, said he would not hire data scientists early. "Data scientists are great when you want to optimize your product by 2% or 5%, but that's definitely not what you want to be doing when you start a company," he said. "You're trying to swing for 10x or 100x changes, not worrying and nitpicking about small percentage points that are just noise anyway." The founder of the data labeling startup also said product managers don't make sense early on. He said that the role becomes useful only once engineers no longer have the time or capacity to drive product direction. "Your engineer should be hands-on. They should be having great ideas as well," he said. " Product managers are great when your company gets big enough, but at the beginning, you should be thinking about yourself, about what product you want to build," he added. Surge AI and Chen did not respond to a request for comment from Business Insider. The great product manager debate Chen's comments come as the debate continues in the startup world over the role of product managers. Product managers have been referred to — both affectionately and critically — as "mini-CEOs" of the products they oversee. They act as a bridge among engineers, sales teams, customer service, and other departments, ensuring that products align with user needs. But the role has become a polarizing one, with some tech workers arguing that product managers add little value, Business Insider's Amanda Hoover reported in November. Microsoft wants to increase the number of engineers relative to product or program managers, BI's Ashley Stewart reported in March. Other companies like Airbnb and Snap are rethinking the need for product managers. The call for executives to go " founder mode" — a concept coined by the Y Combinator cofounder Paul Graham and touted by Airbnb's CEO, Brian Chesky — has some leaders questioning whether they should delegate product decisions to product managers. In 2023, Chesky merged product management with marketing, and Snap told The Information in the same year that it laid off 20 product managers to help speed up the company's decision-making. Others believe product managers' influence will only grow in the age of AI. Microsoft's chief technology officer, Kevin Scott, said on an episode of the "Twenty Minute VC" podcast published in March that product managers play a crucial role in setting up "feedback loops" to make AI agents better.
