Microsoft fixes 2 SharePoint zero-days under attack
Digest more
Microsoft issued an emergency fix to close off a vulnerability in its SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies.
Among the attackers now actively exploiting vulnerable on-premises Microsoft SharePoint servers, at least one has shown indications of originating from China, according to the assessment of researchers at Google Cloud-owned Mandiant.
The hackers behind the initial wave of attacks exploiting a zero-day in Microsoft SharePoint servers have so far primarily targeted government organizations, according to researchers as well as news reports.
A sweeping cyber espionage operation targeting Microsoft server software compromised about 100 organizations as of the weekend, two of the organizations that helped uncover the campaign said on Monday.
Explore more