Hundreds of organizations breached by SharePoint mass-hacks
Eye Security, a Dutch cybersecurity firm that first identified the vulnerability in SharePoint, a popular server software that companies use to store and share internal documents, said it had identified hundreds of affected SharePoint servers by scanning the internet. The number has risen from the dozens of known compromised servers as of earlier this week.
Bloomberg reports that one of the affected organizations includes the National Nuclear Security Administration (NNSA), the federal agency responsible for maintaining and developing the U.S. stockpile of nuclear weapons. A spokesperson for the Department of Energy, which houses the NNSA, did not respond to TechCrunch's request for comment.
Several other government departments and agencies were also compromised in an early wave of attacks exploiting the SharePoint bug, researchers confirmed. Data suggests hackers were exploiting the vulnerability as early as July 7.
The bug, officially known as CVE-2025-53770, affects self-hosted versions of SharePoint that companies set up and manage on their own servers. Once exploited, the bug allows an attacker to remotely run malicious code on the affected server, permitting access to the files stored inside, as well as other systems on the company's wider network.
The vulnerability is known as a zero-day because Microsoft had no time to release patches before it was exploited. Microsoft has since released patches for all affected SharePoint versions.
Google and Microsoft say they have evidence that several China-backed hacking groups are exploiting the bug, but warned companies to expect an uptick in compromises as more hacker groups seek to take advantage of the vulnerability. The Chinese government denied the allegations.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
24 minutes ago
- Yahoo
Permian Basin Royalty: Q2 Earnings Snapshot
DALLAS (AP) — DALLAS (AP) — Permian Basin Royalty Trust (PBT) on Wednesday reported net income of $2.4 million in its second quarter. The Dallas-based company said it had profit of 5 cents per share. The owner of royalty interests in oil and gas properties posted revenue of $3.1 million in the period. _____ This story was generated by Automated Insights ( using data from Zacks Investment Research. Access a Zacks stock report on PBT at Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
24 minutes ago
- Yahoo
Inside the James Cook deal
Running back James Cook has his new deal with the Bills. We have the numbers on the new five-year (not four-year) contract. Here they are, per a source with knowledge of the terms: 1. Signing bonus: $9 million. 2. 2025 base salary: $1.28 million, fully guaranteed. 3. 2026 option bonus: $7.4 million (see below for guarantee details). 4. 2026 workout bonus: $250,000. 5. 2026 base salary: $2.01 million (see below for guarantee details). 6. 2026 per-game roster bonus: $340,000 total. 7. 2027 workout bonus: $250,000. 8. 2027 base salary: $9.13 million, guaranteed for injury at signing; on the fifth day of the 2026league year, $6.22 million becomes fully guaranteed, with the remaining $2.91 million vesting in on the fifth day of the 2027 league year. 9. 2027 per-game roster bonus: $340,000 total. 10. 2028 workout bonus: $250,000. 11. 2028 base salary: $9.681 million, $1.18 million of which is guaranteed for injury. 12. 2028 per-game roster bonus: $340,000 total. 13. 2029 workout bonus: $250,000. 14. 2029 base salary: $10.41 million. 15. 2029 per-game roster bonus: $340,000 total. For 2026, $5 million is fully guaranteed at signing. Another $4.41 million is guaranteed for injury; it converts to full guarantee in on February 9, 2026. The contract includes a $1 million escalator for 2028, if any year from 2025 through 2027 he participates in 45 percent of the offensive snaps and the team makes the playoffs. The contract also includes a $1 million escalator for 2029, if any two years from 2025 through 2028 he participates in 45 percent of the offensive snaps and the team makes the playoffs in those same two seasons. The new-money average on the four-year extension is $11.5 million per year, with $15.28 million fully guaranteed at signing. By 2026, the full guarantee increases to $25.91 million. The total injury guarantee is $30 million, with $28.82 million fully guranteed by 2027. From signing, the contract has a value of $10.254 million per year over five years; Cook was due to make $5.271 million in 2025.
Yahoo
24 minutes ago
- Yahoo
Fed grappling with impact of tariffs as it ponders rate decisions, Goolsbee says
(Reuters) -Chicago Federal Reserve President Austan Goolsbee said on Wednesday the U.S. central bank is grappling with understanding whether tariffs will push up inflation just temporarily or more persistently, which would inform its decision on when to cut interest rates. "As we go into the fall, these are going to be some live meetings and we're going to have to figure it out," Goolsbee told the Greater Springfield Chamber of Commerce in Springfield, Illinois. "The hardest thing that a central bank ever has to do is to try to get the timing right when there are moments of transition." Goolsbee said he is uneasy assuming tariffs will be just a one-time shock to inflation and wants to see more data including wholesale price data due out this week and broader inflation data next month before coming to a view on whether a rate cut is warranted. The Fed left its benchmark overnight interest rate in the 4.25%-4.50% range at its meeting last month, a decision that drew dissents from Fed Vice Chair of Supervision Michelle Bowman and Fed Governor Christopher Waller. Bowman and Waller wanted to cut rates to head off what they worried was incipient weakness in the labor market. Two days after the end of that policy meeting, the U.S. Labor Department revised its earlier estimates of job growth in May and June sharply downward and reported a smaller-than-expected job gain in July. President Donald Trump called the data rigged and fired the commissioner in charge of producing it. Even so, allies including Treasury Secretary Scott Bessent have seized on the recent jobs report to call for rate cuts that Trump has pushed hard for all year. Some Fed officials also feel the July jobs report bolstered the case for easing policy. Goolsbee cautioned against reading too much into slowing job growth since that may reflect the sharp drop in immigration. He said he puts more weight on data like the unemployment rate, which at 4.2% is historically low. "I think the state of the labor market is pretty strong, pretty solid," Goolsbee said. Data earlier this week showed consumer prices rose 0.2% on a monthly basis in July, a downshift from the 0.3% reported for the prior month. Goolsbee said he took note of the rise in services inflation, which is not directly related to tariffs, and would be concerned if upcoming data continued to show a broadening of price pressures. Sign in to access your portfolio
