Vulnerability cyber

Microsoft Corp.

Jul 23, 2025 1 min read
Microsoft Corp.

The number of companies and organizations compromised by a security vulnerability in Microsoft Corp.’s SharePoint servers is increasing rapidly, with the tally of victims soaring more than six-fold in a few days, according to one research firm. Hackers have breached about 400 government agencies, corporations, and other groups, with most victims in the US, followed by Mauritius, Jordan, South Africa, and the Netherlands. The hacks are among the latest major breaches that Microsoft has blamed, at least in part, on China.

Source: https://www.livemint.com/companies/news/tally-of-microsoft-victims-surges-to-400-as-hackers-capitalize-on-sharepoint-flaw-11753271877150.html

TPRM report: https://scoringcyber.rankiteo.com/company/microsoft

"id": "mic529072325",
"linkid": "microsoft",
"type": "Vulnerability",
"date": "7/2025",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Government',
                        'location': 'US',
                        'name': 'National Nuclear Security Administration',
                        'type': 'Government Agency'},
                       {'industry': 'Education',
                        'location': 'US',
                        'name': 'US Education Department',
                        'type': 'Government Agency'},
                       {'industry': 'Government',
                        'location': 'US',
                        'name': 'Florida’s Department of Revenue',
                        'type': 'Government Agency'},
                       {'industry': 'Government',
                        'location': 'US',
                        'name': 'Rhode Island General Assembly',
                        'type': 'Government Agency'}],
 'attack_vector': 'Vulnerability Exploitation',
 'data_breach': {'data_exfiltration': 'Possible',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Confidential Data'},
 'description': 'A security vulnerability in Microsoft Corp.’s SharePoint '
                'servers has been exploited by hackers, compromising about 400 '
                'government agencies, corporations, and other groups. The '
                'vulnerability allows hackers to access SharePoint servers and '
                'steal keys to impersonate users or services, enabling deep '
                'access into compromised networks to steal confidential data.',
 'impact': {'data_compromised': 'Confidential Data',
            'systems_affected': 'SharePoint Servers'},
 'initial_access_broker': {'entry_point': 'SharePoint Server Vulnerability',
                           'high_value_targets': ['Government Agencies',
                                                  'Corporations',
                                                  'Educational Institutions']},
 'motivation': 'Espionage, Intellectual Property Theft',
 'post_incident_analysis': {'corrective_actions': 'Issuing Patches',
                            'root_causes': 'Vulnerability in Microsoft '
                                           'SharePoint Server'},
 'references': [{'source': 'Bloomberg', 'url': 'https://www.bloomberg.com'}],
 'response': {'remediation_measures': 'Patches Issued by Microsoft'},
 'threat_actor': ['Linen Typhoon', 'Violet Typhoon', 'Storm-2603'],
 'title': 'Microsoft SharePoint Server Vulnerability Exploitation',
 'type': 'Cyber Attack',
 'vulnerability_exploited': 'Microsoft SharePoint Server'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.