Microsoft SharePoint Zero-Day Exploited Amid Ransomware Surge
On July 25, 2025, cybersecurity defenses were put to the test as a significant zero-day vulnerability in Microsoft SharePoint, identified as CVE-2025-53770, was actively exploited. This critical flaw permits unauthenticated remote code execution, impacting sectors such as government and healthcare with alarming severity. The notorious threat actor group Storm-2603 has been linked to these attacks, reportedly compromising over 400 systems through ransomware deployments.
As organizations scramble to patch this vulnerability, the incident underscores the urgent need for proactive cybersecurity measures. The situation has been exacerbated by additional attacks, including a major ransomware incident at Ingram Micro, leading to estimated losses of $136 million per day, as well as a breach of Toptal's GitHub account that compromised software supply chains.
Also In Security Today
- Ingram Micro Ransomware Attack: The IT distribution giant faced a ransomware attack by the SafePay group, resulting in significant operational disruptions and potential losses of up to $136 million per day.
- Compromise of Toptal GitHub Account: Hackers breached Toptal's GitHub, enabling the distribution of malicious npm packages that could execute remote commands and steal sensitive credentials.
- KNP Logistics Collapse: The UK firm KNP Logistics went bankrupt following a cyberattack exploiting a single compromised password, highlighting critical password hygiene issues.
- Mitel and Mitigation Efforts: Mitel released a patch for a vulnerability in its MiVoice MX-ONE system that allowed attackers to gain admin access, reinforcing the need for vigilance against such exposures.