July 04, 2026 04:28 pm (IST)
Follow us:
facebook-white sharing button
twitter-white sharing button
instagram-white sharing button
youtube-white sharing button
'Why can't citizens protest against the government? They are being made slaves by slapping cases': Bombay HC slams Mumbai Police, quashes activist's externment | 'First he cheats on me...': Siya Goyal's old pub video goes viral amid probe into fiancé Ketan Agarwal's alleged murder | Ronaldo's goal, Ramos' last-gasp winner send Portugal past Croatia, set up Spain clash | India-US trade deal almost done! Piyush Goyal hints at breakthrough | Ram Mandir donation scam: Champat Rai points finger at his own driver | PM Modi welcomes Japanese PM Sanae Takaichi as India-Japan ties enter a new era | 'Not an isolated incident': India slams Pakistan after 125-year-old historic Gurdwara is demolished | Ram Mandir donation theft: Six accused were employed by Varanasi-based security firm, probe reveals | Ayodhya Ram Temple donation theft: Probe says majority of money was allegedly stolen during Kumbh Mela | Commercial LPG price slashed by Rs 183.50 from July 1; check new rates in Delhi, Mumbai, Kolkata and Chennai
Microsoft
The Microsoft logo. Photo: Unsplash

Chinese hacking group behind recent attacks on SharePoint: Microsoft

| @indiablooms | Jul 25, 2025, at 06:26 pm

Tech giant Microsoft has said Chinese hacking groups were believed to be behind the recent attacks on its SharePoint collaboration software.

In a blog post, Microsoft said: "As of this writing, Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon exploiting these vulnerabilities targeting internet-facing SharePoint servers."

"In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities to deploy ransomware. Investigations into other actors also using these exploits are still ongoing," the statement said.

"With the rapid adoption of these exploits, Microsoft assesses with high confidence that threat actors will continue to integrate them into their attacks against unpatched on-premises SharePoint systems," the statement further said.

Alerting users, Microsoft recommended that customers use supported versions of on-premises SharePoint servers with the latest security updates.

"To stop unauthenticated attacks from exploiting this vulnerability, customers should also integrate and enable Antimalware Scan Interface (AMSI) and Microsoft Defender Antivirus (or equivalent solutions) for all on-premises SharePoint deployments and configure AMSI to enable Full Mode," the tech giant said.

Support Our Journalism

We cannot do without you.. your contribution supports unbiased journalism

IBNS is not driven by any ism- not wokeism, not racism, not skewed secularism, not hyper right-wing or left liberal ideals, nor by any hardline religious beliefs or hyper nationalism. We want to serve you good old objective news, as they are. We do not judge or preach. We let people decide for themselves. We only try to present factual and well-sourced news.

Support objective journalism for a small contribution.