Unknown threat actors exploited a Microsoft SharePoint zero-day vulnerability chain to breach the National Nuclear Security Administration, impacting a small number of systems with minimal disruption. Multiple nation-state hacking groups, including Chinese and Russian actors, are linked to widespread attacks leveraging these vulnerabilities.

#SharePointZeroDay #APT29 #LinenTyphoon #VioletTyphoon #Storm2603
Key points
- Unknown threat actors exploited a Microsoft SharePoint zero-day vulnerability chain to breach NNSA networks.
- The breach affected only a small number of systems, with all impacted systems currently being restored.
- Multiple nation-state groups, including Chinese and Russian hackers, are linked to these widespread attacks.
- Over 400 servers and 148 organizations worldwide have been compromised by the threat actors.
- U.S. federal agencies have been ordered to secure their systems following the exploitation of the CVE-2025-53770 flaw.