Techly NewsGet the app

Get the latest tech news

Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day


The tech giants have evidence that Chinese hackers are exploiting the new bug, but warned "multiple actors" are also hacking into affected SharePoint systems.

The bug, known officially as CVE-2025-53770 and discovered last weekend, allows hackers to steal sensitive private keys from self-hosted versions of SharePoint, a software server widely used by companies and organizations to store and share internal documents. Hackers backed by China were accused of targeting self-hosted Microsoft Exchange email servers in 2021 as part of a mass-hacking campaign. According to a recent Justice Department indictment accusing two Chinese hackers of masterminding the breaches, the so-called “Hafnium” hacks compromised contact information and private mailboxes from more than 60,000 affected servers.

Get the Android app

Or read this on TechCrunch

Read more on:

Photo of Google

Google

Photo of Microsoft

Microsoft

Photo of Chinese

Chinese

Related news:

News photo

Microsoft patches critical SharePoint 2016 zero-days amid active exploits

News photo

Microsoft Says Chinese Hackers Exploiting SharePoint Flaws

News photo

Microsoft just upgraded Sentinel with an AI-powered data lake - here's how it works

« Cisco: Maximum-severity ISE RCE flaws now exploited in attacks
Onstage at TechCrunch Disrupt 2025: How AI is forcing late-stage startups to rewire GTM — or be left behind »