Critical SharePoint Vulnerabilities Exploited Amid Major Ransomware Attacks

On July 17, 2025, cybersecurity headlines are dominated by the urgent exploitation of two critical zero-day vulnerabilities in Microsoft SharePoint. These flaws, with CVSS scores of 9.8 and 7.1, allow remote code execution and unauthorized access, prompting Microsoft to release patches immediately. Organizations using SharePoint must prioritize these updates to mitigate potential breaches. Meanwhile, Ingram Micro, a leading global IT solutions distributor, suffers a ransomware attack attributed to the SafePay group, resulting in a significant operational shutdown and estimated losses of $136 million daily. Additionally, the German charity Welthungerhilfe has fallen victim to the Rhysida ransomware gang, which has encrypted sensitive data and demanded a ransom of approximately $2.1 million in Bitcoin. These incidents reflect a troubling trend of increasing attacks on both commercial and humanitarian sectors, emphasizing the critical need for enhanced cybersecurity protocols and swift incident response.

Also In Security Today

Ingram Micro Ransomware Attack: Ingram Micro is grappling with a ransomware attack from the SafePay group, leading to massive operational disruptions and daily losses of up to $136 million. Read more.

Rhysida Ransomware Targets Charity: The Welthungerhilfe charity has been attacked by the Rhysida ransomware gang, demanding a ransom of $2.1 million in Bitcoin after encrypting vital data. Read more.

CISA Adds New Vulnerabilities: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three newly identified security flaws to its list of actively exploited vulnerabilities, including a critical deserialization issue within SolarWinds products. Read more.

Analyst's Take

Today's events highlight the urgent need for organizations to bolster their cybersecurity defenses, particularly against ransomware threats and zero-day vulnerabilities. The ongoing exploitation of Microsoft SharePoint underscores the critical importance of timely patch management and vulnerability assessments. Security professionals should enhance their incident response plans and consider implementing proactive measures such as threat hunting and employee training to mitigate risks. This week’s attacks serve as a reminder that vulnerabilities are increasingly targeted, making resilience and preparedness paramount in today’s evolving threat landscape.