T4K3.news

Microsoft Links SharePoint Exploits to Chinese Hacker Groups

Microsoft has identified ongoing attacks on SharePoint by three Chinese hacker groups, raising security concerns.

July 22, 2025 at 03:45 PM
Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups

Microsoft links SharePoint attacks to three China-based groups; flaws allow code execution and data theft on unpatched systems.

Microsoft Ties SharePoint Exploits to Chinese Hacker Groups

Microsoft has linked the exploitation of security weaknesses in SharePoint Server to two Chinese hacking groups named Linen Typhoon and Violet Typhoon, as well as a third group labeled Storm-2603. The attacks have been under way since mid-2025 and use vulnerabilities that allow unauthorized access to compromised systems. Microsoft also warns that these vulnerabilities are being actively exploited against unpatched SharePoint installations, raising serious security concerns for organizations worldwide. The company has identified the flaws as CVE-2025-49706 and CVE-2025-49704, which permit authentication bypass and remote code execution on unpatched systems. The report points to an urgent need for organizations to update their SharePoint systems.

Key Takeaways

✔️ Microsoft links SharePoint exploits to three Chinese hacker groups.
✔️ Vulnerabilities found allow for remote code execution and data theft.
✔️ Organizations need urgent security updates to protect against these threats.
✔️ Linen Typhoon and Violet Typhoon have a long history of cyber activity since 2012 and 2015 respectively.
✔️ Storm-2603 has previously used ransomware attacks against targets.
✔️ Failure to act on vulnerabilities could lead to broader impacts on cybersecurity.

"With the rapid adoption of these exploits, Microsoft assesses with high confidence that threat actors will continue to integrate them into their attacks."

This quote reflects Microsoft's assessment of the ongoing danger posed by the linked hacker groups to unpatched systems.

"Each serves a unique function within Chromium's architecture, yet collectively reveals a strategy of behavioral mimicry and sandbox evasion."

Rakesh Krishnan's quote emphasizes the sophisticated techniques used by attackers to exploit SharePoint.

The revelation from Microsoft highlights a broad and ongoing threat in the cybersecurity landscape, particularly concerning China-based hacker groups. These organizations have a history of employing sophisticated methods to exploit known vulnerabilities. Despite past warnings, many organizations remain unpatched, making them prime targets. This trend could embolden hackers and lead to wider implications for global cybersecurity tactics. It's a stark reminder that the integration of security updates cannot be neglected in an age where cyber threats are escalating in complexity and frequency, especially from state-sponsored actors.

Highlights

  • Vulnerabilities allow hackers to execute undetected attacks.
  • The history of these groups shows their long-standing threat.
  • Updating security measures is no longer optional.
  • Failing to patch could have dire consequences.

Cybersecurity Risks from Chinese Hacker Groups

The ongoing vulnerabilities linked to Chinese hacker groups pose significant risks to businesses, especially those using unpatched SharePoint systems. Increased attacks from state-sponsored actors can lead to data loss, financial damage, and compromised security.

As cyber threats evolve, organizations must stay vigilant and proactive in their security efforts.
