Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Microsoft SharePoint zero-day attacks pinned on China-linked ‘Typhoon’ threat groups

(Microsoft)

By Matt Kapko

Microsoft said two China nation-state threat groups and a separate attacker based in China are exploiting the zero-day vulnerabilities that first caused havoc to SharePoint servers over the weekend.

Linen Typhoon and Violet Typhoon — the Chinese government-affiliated threat groups — and an attacker Microsoft tracks as Storm-2603 are exploiting the pair of zero-day vulnerabilities affecting on-premises SharePoint servers, Microsoft Threat Intelligence said in a blog post Tuesday.

The zero-days — CVE-2025-53770 and CVE-2025-53771 — have been exploited en masse to intrude hundreds of organizations globally, spanning multiple sectors, including government agencies, according to researchers. 

Read more at CyberScoop

Click to listen highlighted text!