A previously unknown group of hackers has exploited a critical vulnerability in Microsoft’s SharePoint platform, compromising U.S. federal and state agencies along with other institutions across the globe, according to officials cited by The Washington Post.
The global cyberattack, which began days ago and remains active, has impacted universities, energy companies, and an Asian telecommunications firm. The flaw affects on-premise SharePoint servers, not Microsoft 365 cloud services.
In response, emergency efforts have been launched in both the U.S. and Canada to secure tens of thousands of vulnerable servers. Experts warn the breach could lead to the theft or manipulation of highly sensitive data and credentials.
Microsoft released a patch for one version of SharePoint Sunday night but confirmed two other versions remain exposed. The company is continuing to develop and deploy fixes as investigations unfold.
