Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.

Researchers first uncovered a sweeping cyber espionage operation targeting Microsoft server software affecting at least 100 organisations.

According to data from Shodan, a search engine that helps to identify internet-linked equipment, over 8,000 servers online could theoretically have already been compromised by hackers.

Microsoft Corp. advirtió que piratas informáticos están atacando activamente a los clientes de su software de gestión de documentos SharePoint, y los investigadores de seguridad han señalado el riesgo de que se produzcan violaciones de seguridad a gran escala en todo el mundo.

Microsoft has issued a security warning over ongoing cyberattacks targeting its SharePoint server software, which is widely used by government agencies and businesses for internal document sharing. The company is advising customers to apply patches immediately to avoid exploitation.

At least 85 servers worldwide have been compromised through a Microsoft service vulnerability that has been used to achieve remote code execution.

The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described as a variant of CVE-2025-49706 (CVSS score: 6.3), a spoofing bug in Microsoft SharePoint Server that was addressed by the tech giant as part of its July 2025 Patch Tuesday updates.