Cyber Blog

On July 22, 2025, the U.S. government issued an urgent warning after discovering that foreign hackers had found a way to break into Microsoft SharePoint, a popular tool used by many businesses and government agencies to share documents and collaborate online.

The Cybersecurity and Infrastructure Security Agency (CISA), which helps protect the country from cyberattacks, told federal agencies they had to fix the problem by July 23. That’s because hackers—believed to be working for the Chinese government—were already using these flaws to sneak into computer systems.

These hackers took advantage of two weaknesses (called “vulnerabilities”) in SharePoint to get inside networks without permission. Once in, they planted special tools to help them stay hidden and take control of systems. Microsoft said the attacks began in early July and targeted organizations that still run SharePoint on their own servers rather than using the cloud version.

After getting in, the hackers used sneaky methods to copy important information, move around inside the networks, and download files without being noticed. They even disguised dangerous software to look like harmless files so that it wouldn’t get caught by antivirus programs.

CISA warned that simply blocking the attack isn’t enough. The only real way to stay safe is to install the updates (called “patches”) provided by Microsoft. These updates fix the weaknesses and stop hackers from getting in.

In short: If your organization uses SharePoint and hasn’t updated it recently, it’s at serious risk. Cybersecurity experts strongly recommend installing the latest updates immediately to stay protected.