Critical Microsoft SharePoint Zero-Day Exploited by Threat Actors
As of July 28, 2025, cybersecurity professionals are on high alert following the discovery of a zero-day vulnerability in Microsoft SharePoint, designated CVE-2025-53770. This critical flaw enables unauthenticated remote code execution, and threat actors, including state-sponsored groups, are exploiting it across various sectors. Over 400 organizations have been affected, with significant concern surrounding U.S. government agencies. Microsoft has issued urgent patches, and the Cybersecurity and Infrastructure Security Agency (CISA) has stressed the necessity for immediate remediation to mitigate potential damage. The implications are far-reaching, particularly given the vulnerability's exploitation in a recent breach of the U.S. Energy Department's National Nuclear Security Administration. Organizations must prioritize patching and review their security postures to defend against this evolving threat landscape.
For further details, see the full reports from Check Point Research and SWK Technologies.
Also In Security Today
- Breach of the U.S. Energy Department: The U.S. Energy Department confirmed a breach linked to the Microsoft SharePoint vulnerability, raising significant national security concerns.
- Dell Cyber Attack: Dell reported a cyber attack attributed to the World Leaks group, leading to the exfiltration of approximately 1.3 TB of data from its Customer Solution Centers.
- Rubicon Ransomware: The Rubicon ransomware strain has targeted various organizations, including AcmeBank, highlighting the persistent threat of ransomware facilitated through phishing attacks.
- Allianz Life Data Breach: Allianz Life suffered a breach due to a compromised CRM system. The breach affected the personal information of around 1.4 million customers and underscores vulnerabilities in cloud services.