Close Menu
Innovation Village | Technology, Product Reviews, Business
    Facebook X (Twitter) Instagram
    Monday, September 1
    • About us
      • Authors
    • Contact us
    • Privacy policy
    • Terms of use
    • Advertise
    • Newsletter
    • Post a Job
    • Partners
    Facebook X (Twitter) LinkedIn YouTube WhatsApp
    Innovation Village | Technology, Product Reviews, Business
    • Home
    • Innovation
      • Products
      • Technology
      • Internet of Things
    • Business
      • Agritech
      • Fintech
      • Healthtech
      • Investments
        • Cryptocurrency
      • People
      • Startups
      • Women In Tech
    • Media
      • Entertainment
      • Gaming
    • Reviews
      • Gadgets
      • Apps
      • How To
    • Giveaways
    • Jobs
    Innovation Village | Technology, Product Reviews, Business
    You are at:Home»Cybercrime»Microsoft SharePoint Under Siege: Hackers Target Governments, Universities
    Microsoft
    Microsoft

    Microsoft SharePoint Under Siege: Hackers Target Governments, Universities

    0
    By Tapiwa Matthew Mutisi on July 24, 2025 Cybercrime, Data, Microsoft, News, Security

    A critical security vulnerability in Microsoft’s SharePoint servers has triggered a rapidly expanding wave of cyberattacks, with the number of compromised organizations surging more than sixfold in just a few days, according to Dutch cybersecurity firm Eye Security.

    Initially estimated at around 60 victims, the tally has now climbed to over 400 organizations worldwide, including government agencies, corporations, universities, and other institutions. Eye Security, which first identified the breach last week, warns that the actual number of affected entities could be significantly higher due to the stealthy nature of the exploit.

    The majority of confirmed victims are based in the United States, followed by Mauritius, Jordan, South Africa, and the Netherlands. In South Africa, Eye Security confirmed breaches at a car manufacturing firm, a university, several local government bodies, and a federal government agency. Two additional organizations were also affected, with details shared with the country’s Computer Security Incident Response Team (CSIRT).

    South Africa’s National Treasury acknowledged the presence of malware on its Infrastructure Reporting Model website and has sought assistance from Microsoft. However, it emphasized that its systems remain operational. The South African Reserve Bank confirmed that its systems were not compromised.

    In the U.S., the breach has impacted several high-profile institutions, including the National Nuclear Security Administration (NNSA)—the agency responsible for the country’s nuclear arsenal—and the National Institutes of Health (NIH). A spokesperson for the Department of Health and Human Services stated that while the department is actively monitoring the situation, there is currently no evidence of data breaches.

    The U.S. Education Department, Florida’s Department of Revenue, and the Rhode Island General Assembly were also reportedly affected.

    Microsoft has attributed the attacks to Chinese state-sponsored hacking groups, including Linen Typhoon, Violet Typhoon, and Storm-2603. These groups are known for espionage operations targeting government, defense, and civil society organizations. Microsoft noted that the attackers exploited the SharePoint vulnerability to steal authentication keys, allowing them to impersonate users and gain deep access to internal systems.

    The Chinese Foreign Ministry responded by denying involvement, stating that China opposes hacking and supports international cooperation on cybersecurity. However, cybersecurity experts suggest that proxy groups or private contractors may be executing the attacks on behalf of the Chinese state.

    According to Eye Security, the vulnerability is being exploited in waves. Initially used in targeted, covert attacks, the flaw is now being leveraged more broadly by opportunistic threat actors.

    This is still developing, and other adversaries continue to exploit vulnerable servers. The real number of victims might be much higher, as many compromises leave no immediate trace.

    Vaisha Bernard, Co-owner of Eye Security

    Sveva Scenarelli, a threat analyst at Recorded Future, explained that once attackers gain access, they often prioritize high-value targets, establish persistence, and exfiltrate sensitive data over time.

    Microsoft has issued security patches to address the SharePoint vulnerability, but experts caution that many systems may have already been compromised before the fixes were applied. The company has faced criticism for previous lapses, including a 2023 breach that exposed senior U.S. officials’ emails, prompting a government review that cited a “cascade of security failures.”

    The breach comes amid heightened tensions between the U.S. and China over cybersecurity and trade. U.S. Treasury Secretary Scott Bessent, who is scheduled to meet Chinese officials in Stockholm next week, confirmed that the SharePoint attacks will be on the agenda.

    Obviously, things like that will be on the agenda with my Chinese counterparts.

    Scott Bessent, U.S. Treasury Secretary

    What’s at Stake

    While classified networks like those at the NNSA are typically air-gapped and isolated from the internet, experts warn that sensitive but unclassified data—such as information on nuclear materials—could still be at risk. “There are categories of information that may be treated with less care and might have been exposed,” said Edwin Lyman, Director of Nuclear Power Safety at the Union of Concerned Scientists.

    SharePoint vulnerability exposes South African institutions to global cyberattack

    Related

    cyberattacks cybercrime CYbersecurity Data breaches Eye Security Hackers Microsoft Security SharePoint Technology
    Share. Facebook Twitter Pinterest LinkedIn Email
    Tapiwa Matthew Mutisi
    • Facebook
    • X (Twitter)
    • LinkedIn

    Tapiwa Matthew Mutisi has been covering blockchain technology, intelligent technologies, cryptocurrency, cybersecurity, telecommunications technology, sustainability, autonomous vehicles, and other topics for Innovation Village since 2017. In the years since, he has published over 4,000 articles — a mix of breaking news, reviews, helpful how-tos, industry analysis, and more. | Open DM on Twitter @TapiwaMutisi

    Related Posts

    How to Use Your Phone Camera Like a Digital Creator

    Meta Brings AI Writing Help to WhatsApp for Clearer, Smarter Messaging

    How to Pick the Perfect Laptop for Your Needs (Work, Gaming, or School)

    Leave A Reply Cancel Reply

    You must be logged in to post a comment.

    Copyright ©, 2013-2024 Innovation-Village.com. All Rights Reserved

    Type above and press Enter to search. Press Esc to cancel.