T4K3.news

Chinese hackers behind Microsoft SharePoint attacks

Microsoft links recent SharePoint server breaches to state-sponsored Chinese hacking groups.

July 22, 2025 at 04:13 PM

Microsoft says Chinese hacking groups are behind SharePoint attacks

Recent attacks on Microsoft’s SharePoint server have been tied to Chinese hacking groups.

China-affiliated hackers exploit vulnerabilities in Microsoft SharePoint

Recent attacks targeting Microsoft’s SharePoint server have been linked to Chinese-affiliated hacking groups, as reported by Microsoft. The company identified two specific actors, called Linen Typhoon and Violet Typhoon, using exploits to attack internet-facing SharePoint servers. In addition, another group named Storm-2603 has also been exploiting the vulnerabilities. Investigators noted that 54 organizations have reported breaches, including a private university and a federal health organization. A patch has been released to address the vulnerabilities, but Microsoft warns that these threats are expected to persist against unpatched systems.

Key Takeaways

✔️

Microsoft linked SharePoint attacks to Chinese hacking groups.

✔️

Linen Typhoon and Violet Typhoon are notable threats identified.

✔️

Fifty-four organizations, including a federal health entity, have been breached.

✔️

A patch for the vulnerability was issued but risks remain for unpatched systems.

✔️

Hacking strategy shows a pattern of exploiting known vulnerabilities.

✔️

The cyber threat landscape continues to evolve with state-sponsored activities.

"As of this writing, Microsoft has observed two named Chinese nation-state actors exploiting these vulnerabilities."

This highlights the direct identification of state-sponsored actors involved in the attacks.

"Microsoft has assessed with high confidence that threat actors will continue using it to attack unpatched server systems."

This emphasizes the ongoing risk to organizations that fail to update their systems promptly.

This situation underscores the growing threat posed by state-sponsored cyber groups, highlighting the fragile security of essential platforms like SharePoint. Microsoft's proactive response with a patch may offer short-term relief, but the ongoing scrutiny on these exploits indicates a stubborn cyber landscape. As organizations rush to secure their systems, the implications are twofold: immediate operational disruptions for victims and longer-term impacts on trust in technological infrastructures. Companies must now prioritize security to counteract the evolving tactics of these attacking entities.

Highlights

Chinese hackers are exploiting Microsoft vulnerabilities to target sensitive data.
The digital battlefield continues to be shaped by state-sponsored hacking.
Attacks reveal critical weaknesses in widely used platforms like SharePoint.
Organizations must act swiftly as cyber threats are evolving.

Concerns over state-sponsored cyber attacks

The attacks raise alarms about ongoing cyber threats from state-sponsored hacking groups. Organizations face heightened risks of data breaches and operational disruptions.

As the digital landscape grows, vigilance becomes paramount against such state-backed threats.

🏷️

microsoft china cybersecurity hacking sharepoint technology security

Enjoyed this? Let your friends know!