Urgent: Chinese State-Backed Hackers Exploiting New Microsoft SharePoint Zero-Day; Patches Released
Urgent: Chinese State-Backed Hackers Exploiting New Microsoft SharePoint Zero-Day; Patches Released Security researchers at Google and Microsoft have confirmed that China-backed hacking groups are actively exploiting a critical zero-day vulnerability in Microsoft SharePoint, identified as CVE-2025-53770. This flaw allows attackers to steal sensitive private keys from self-hosted SharePoint versions, enabling them to plant malware and gain unauthorized access to internal documents and network systems. Microsoft reported observing at least three China-linked groups—Linen Typhoon, Violet Typhoon, and Storm-2603—exploiting the bug since…