SharePoint Breach Sends Shockwaves through Global Cybersecurity
Source: Bitdenfender A recent critical vulnerability in Microsoft SharePoint has triggered widespread concern across security teams worldwide. The flaw, tracked as CVE-2025-53770, allows unauthenticated attackers to execute remote code through malicious ViewState payloads. The exploit has already been used in active attacks targeting institutions in energy, education, and government sectors. The breach campaign appears to have started in early July. Microsoft confirmed that threat actors were able to steal cryptographic machine keys and drop persistent web shells on vulnerable systems. Several Chinese-based groups, including Violet Typhoon and Storm-2603, are suspected to be involved in the exploitation [1]. Microsoft released emergency patches for supported SharePoint Server editions on July 20. However, the company urged organizations to go beyond simple patching. Machines may remain compromised unless full incident response actions are performed. This includes key rotation, forensic...