A critical security vulnerability in Microsoft’s SharePoint software has recently been exploited by hackers, granting them significant access to files globally, including those of US government agencies, businesses, and universities. Although Microsoft released a patch last night, the full impact of the attack remains uncertain. The US Cybersecurity and Infrastructure Security Agency (CISA) has alerted the public that the exploit allows unauthorized access to systems, enabling hackers to access SharePoint content and execute code remotely. Known as a “zero day” exploit, this vulnerability was present in Microsoft’s public code and was not identified by the company until it was exploited. With “tens of thousands” of SharePoint servers reportedly at risk, the origin of the attacks is still unknown. CISA, responsible for coordinating responses to cyber threats on critical infrastructure, has faced significant budget cuts, which have reportedly hampered its response efforts.
Are hackers exploiting a critical SharePoint vulnerability?
