top of page

Microsoft Server Hack Hits 100 Organisations in Global Cyber Espionage Campaign

  • Writer: tech360.tv
    tech360.tv
  • Jul 22, 2025
  • 2 min read

A cyber espionage campaign exploiting a vulnerability in Microsoft’s SharePoint server software has compromised about 100 organisations, according to cybersecurity researchers.


Microsoft building exterior with large logo in foreground. Modern architecture, clear blue sky, and a prominent multicolored icon.
Credit: MICROSOFT

The attack, which Microsoft disclosed on Saturday, targets self-hosted SharePoint servers and does not affect cloud-based versions. The breach leverages a zero-day vulnerability, allowing hackers to infiltrate systems and potentially install backdoors for ongoing access.


Eye Security, a Netherlands-based cybersecurity firm, discovered the campaign on Friday while investigating an incident involving one of its clients. Chief Hacker Vaisha Bernard said an internet scan conducted with the Shadowserver Foundation revealed nearly 100 affected organisations before the hacking method became widely known.


Bernard declined to name the victims but confirmed that national authorities had been notified.


The Shadowserver Foundation corroborated the number of affected organisations, noting that most were located in the United States and Germany. Victims include government entities.


Rafe Pilling, Director of Threat Intelligence at British cybersecurity firm Sophos, said the operation currently appears to be the work of a single hacker or group, though that could change.


Woman typing on a laptop surrounded by abstract security symbols like keyholes, locks, and a fingerprint, on a pink background.
Credit: MICROSOFT

Microsoft has released security updates and urged customers to install them.


Google, which monitors internet traffic, linked some of the activity to a China-nexus threat actor. The Chinese Embassy in Washington did not respond to a request for comment. Beijing typically denies involvement in hacking operations.


The FBI confirmed it is aware of the attacks and is working with federal and private-sector partners. Britain’s National Cyber Security Centre reported a limited number of targets in the United Kingdom.


A researcher tracking the campaign said it initially focused on a narrow group of government-related organisations.


The potential scope of the breach is significant. Shodan, a search engine for internet-connected devices, identified over 8,000 potentially vulnerable servers. Shadowserver estimated the number at more than 9,000, cautioning that this is a minimum figure.


Targets include industrial firms, banks, auditors, healthcare providers, and various U.S. state-level and international government bodies.


Daniel Card of British cybersecurity consultancy PwnDefend said the SharePoint vulnerability has led to widespread compromise and warned that simply applying the patch is not sufficient.

  • About 100 organisations compromised in Microsoft SharePoint server hack

  • Most victims located in the U.S. and Germany, including government entities

  • Attack exploits a zero-day vulnerability in self-hosted SharePoint servers


Source: REUTERS

As technology advances and has a greater impact on our lives than ever before, being informed is the only way to keep up.  Through our product reviews and news articles, we want to be able to aid our readers in doing so. All of our reviews are carefully written, offer unique insights and critiques, and provide trustworthy recommendations. Our news stories are sourced from trustworthy sources, fact-checked by our team, and presented with the help of AI to make them easier to comprehend for our readers. If you notice any errors in our product reviews or news stories, please email us at editorial@tech360.tv.  Your input will be important in ensuring that our articles are accurate for all of our readers.

Tech360tv is Singapore's Tech News and Gadget Reviews platform. Join us for our in depth PC reviews, Smartphone reviews, Audio reviews, Camera reviews and other gadget reviews.

  • YouTube
  • Facebook
  • TikTok
  • Instagram
  • Twitter
  • LinkedIn

About Us

Privacy

Disclaimer

info@tech360.tv

© 2021 tech360.tv. All rights reserved.

bottom of page