The U.S. federal government and cybersecurity researchers say a newly discovered security bug in Microsoft’s SharePoint is under attack.

U.S. cybersecurity agency CISA sounded the alarm this weekend that hackers were actively exploiting the bug. Microsoft has not yet provided patches for all affected SharePoint versions, leaving customers across the world largely unable to defend against the ongoing intrusions.

Microsoft said the bug, known officially as CVE-2025-53770, affects versions of SharePoint that companies set up and manage on their own servers. SharePoint lets companies store, share, and manage their internal files.

Microsoft said it is working on security fixes to prevent hackers from exploiting the vulnerability. The flaw, described as a “zero-day” because the vendor had no time to patch the bug before it was exploited, affects versions of the software as old as SharePoint Server 2016.

It’s not yet known how many servers have been compromised so far, but it is likely that thousands of small to medium-sized businesses that rely on the software are affected. According to The Washington Post, several U.S. federal agencies, universities, and energy companies have already been breached in the attacks.