Google, Microsoft warn about zero-day bug in SharePoint

Just a heads up, if you buy something through our links, we may get a small share of the sale. It’s one of the ways we keep the lights on here. Click here for more.

Security experts at Google and Microsoft have discovered that Chinese government-backed hackers are exploiting a serious flaw, known as a zero-day vulnerability, in Microsoft SharePoint, a tool used by many companies to store and share documents internally. 

This flaw, officially known as CVE-2025-53770, was only recently discovered, and before Microsoft could fix it, hackers had already started exploiting it.

The flaw allows attackers to steal private security keys from versions of SharePoint that companies host themselves (not the cloud-based version). 

These keys function like digital passwords, and once stolen, hackers can infiltrate the company’s network, install malicious software, and gain access to sensitive files. 

From there, they can even move deeper into the company’s systems.

Microsoft said that at least three different Chinese hacking groups called Linen Typhoon, Violet Typhoon, and Storm-2603 are behind the attacks. 

These groups have different goals: some are focused on stealing trade secrets and other valuable company information, while others collect personal or confidential data for spying. 

One group has even been tied to ransomware attacks in the past.

The hacking activity dates back to at least July 7, and dozens of organizations, including those in government, have already been breached. 

Because the bug was unknown to Microsoft when it was first exploited, it’s labeled a zero-day, meaning there was zero time to react before it was used in attacks. 

Microsoft has now released a patch to fix the issue, but experts warn that many companies might have already been compromised and should act quickly to investigate and secure their systems.

China has often been accused of conducting cyberattacks, but it usually denies direct involvement. 

A spokesperson from the Chinese Embassy in Washington, DC, repeated that China opposes all forms of cybercrime.

This isn’t the first time Chinese hackers have targeted Microsoft products. 

In 2021, they were accused of a major hacking campaign that compromised thousands of Microsoft Exchange email servers worldwide, stealing data from tens of thousands of users.

The current SharePoint attacks highlight the ongoing threat of state-backed cyber espionage and the importance of quickly applying security updates.

Do you think AI achieving gold medal scores in math competitions shows we’re getting closer to artificial general intelligence? Or are these specialized achievements not indicative of broader AI capabilities? Tell us below in the comments, or reach us via our Twitter or Facebook.