Three hacking groups, two vulnerabilities and all eyes on China

This article discusses the discovery of critical vulnerabilities in Microsoft’s SharePoint software exploited by multiple Chinese hacking groups, leading to widespread cyberattacks. It highlights the importance of patching and the suspicious cooperation between state-linked groups and cybercriminals, raising concerns about escalation and motives behind these operations. #ToolShell #SharePointVulnerabilities

Key points

  • Researchers demonstrated the ability to remotely compromise SharePoint servers at the Pwn2Own hacking competition.
  • Multiple Chinese hacking groups, linked to state agencies, exploited vulnerabilities simultaneously, indicating a coordinated effort.
  • Microsoft issued patches for CVE-2025-49704, CVE-2025-49706, and additional vulnerabilities, but exploitation continued prior to patch deployment.
  • The campaigns targeted government, infrastructure, and defense sectors, with some groups also engaging in ransomware activities.
  • Questions remain about how threat actors obtained exploits so quickly and whether motives are purely espionage or also financial gain.

Read More: https://therecord.media/three-hacking-groups-two-vulnerabilities-china-microsoft