T4K3.news
Microsoft Links SharePoint Exploits to Chinese Hacker Groups
Microsoft has identified ongoing attacks on SharePoint by three Chinese hacker groups, raising security concerns.

Microsoft links SharePoint attacks to three China-based groups; flaws allow code execution and data theft on unpatched systems.
Microsoft Ties SharePoint Exploits to Chinese Hacker Groups
Microsoft has connected the exploitation of security weaknesses in SharePoint Server to two Chinese hacking groups named Linen Typhoon and Violet Typhoon, as well as a third group labeled Storm-2603. The attacks have been under way since mid-2025 and use vulnerabilities that allow unauthorized access to compromised systems. Microsoft also warns that these vulnerabilities are being actively exploited against unpatched SharePoint installations, raising serious security concerns for organizations worldwide. The company has identified the flaws as CVE-2025-49706 and CVE-2025-49704, which cause authentication bypass and allow remote code execution on unpatched systems. The report points to an urgent need for organizations to update their SharePoint systems.
Key Takeaways
"With the rapid adoption of these exploits, Microsoft assesses with high confidence that threat actors will continue to integrate them into their attacks."
This quote reflects Microsoft's assessment of the ongoing danger posed by the linked hacker groups to unpatched systems.
"Each serves a unique function within Chromium's architecture, yet collectively reveals a strategy of behavioral mimicry and sandbox evasion."
Rakesh Krishnan's quote emphasizes the sophisticated techniques used by attackers to exploit SharePoint.
The revelation from Microsoft highlights a broad and ongoing threat in the cybersecurity landscape, particularly concerning China-based hacker groups. These groups have a history of employing sophisticated methods to exploit known vulnerabilities. Despite past warnings, many organizations remain unpatched, making them prime targets. This trend could embolden hackers and lead to wider implications for global cybersecurity tactics. It is a stark reminder that security updates cannot be neglected at a time when cyber threats are escalating in complexity and frequency, especially from state-sponsored actors.
Highlights
- Vulnerabilities allow hackers to execute undetected attacks.
- The history of these groups shows their long-standing threat.
- Updating security measures is no longer optional.
- Failing to patch could have dire consequences.
Cybersecurity Risks from Chinese Hacker Groups
The vulnerabilities being exploited by Chinese hacker groups pose significant risks to businesses, especially those running unpatched SharePoint systems. Increased attacks from state-sponsored actors can lead to data loss, financial damage, and compromised security.
As cyber threats evolve, organizations must stay vigilant and proactive in their security efforts.