Chinese Hackers Exploit SharePoint Zero-Day in Global Cyberattack

Chinese Hackers Exploit SharePoint Zero-Day in Global Cyberattack

Understanding the SharePoint Zero-Day Vulnerability A critical SharePoint zero-day vulnerability —identified as CVE-2025-53770—is currently being actively exploited by China-backed hackers, according to Google and Microsoft. This vulnerability affects self-hosted SharePoint servers and allows attackers to steal sensitive private keys, install malware, and access internal company documents and network systems. Because this is a zero-day exploit, Microsoft had no opportunity to release a patch before it began being used in attacks. The flaw was discovered in mid-July 2025, and cybercriminals have since breached dozens of organizations, including those in the government sector. Image Credits:ilkaydede / Getty Images The hackers are targeting organizations that rely on self-managed SharePoint installations, which are widely used to store and manage confidential files. This makes the vulnerability extremely dangerous for companies that have not applied Microsoft’s recent security patches. Mic…