
How Chinese Hackers Capitalized on Microsoft’s Security Slip-Up?

By Angela McCain, July 31, 2025

Inside the SharePoint Breach: Why Microsoft’s Security Failures Left Agencies Exposed

Chinese-backed hackers have exploited a severe SharePoint Server vulnerability and are reported to have hacked into hundreds of systems worldwide.

The vulnerability, unearthed in early July, pertained to on-premises SharePoint configurations and allowed attackers to execute remote commands without providing legitimate credentials.

Before Microsoft had a patch ready, the flaw had already been weaponized. More than 400 organizations, including prominent government departments and international companies, were hit. Officials say the breach happened rapidly, taking advantage of a security hole before most customers could act.

US Nuclear Agency Among Key Targets

Among the compromised systems were those used by sensitive US government agencies, including the Department of Homeland Security and the Department of Energy, which is responsible for the nation’s nuclear weapons. While no classified information has been verified as stolen, the extent of access attained by the attackers has caused serious concern.

Officials explained that SharePoint servers hold internal documents, employee data, and project information. Access to such systems – no matter how temporary – represents a significant national security threat.

China-Linked Groups Spearheaded the Attack

Microsoft has attributed the cyberattack to three advanced persistent threat (APT) groups. Two of them – ‘Linen Typhoon’ and ‘Violet Typhoon’ – are reportedly associated with Chinese state-sponsored activities. The third group, which goes by the name ‘Storm-2603,’ has a history of using ransomware.

These actors leveraged the SharePoint vulnerability to exfiltrate credentials, deliver backdoors, and establish long-term persistence within networks. Microsoft’s investigation uncovered that one of the groups even deployed a new ransomware variant named ‘Warlock,’ which indicates that the groups have a dual motive of espionage and financial gain.

Microsoft’s Early Warning System Under Scrutiny

The leak has prompted concerns over Microsoft’s vulnerability disclosure procedures. The firm runs a scheme known as MAPP (Microsoft Active Protections Program), which shares preliminary information about vulnerabilities with a limited number of partners to enable them to develop defenses.

Now, Microsoft is investigating whether one of those partners exposed details of the SharePoint vulnerability. If so, it would account for how quickly attackers built their tools, days before the public fix became available. The MAPP program is being reviewed internally now.

Patch Published, but Attackers Remained Ahead

Microsoft released emergency fixes on July 19 and 22. However, reports indicate that attackers had already reverse-engineered the patches and begun exploiting systems before they could be patched.

In a few instances, even patched systems were not secure. Hackers used stolen machine keys to masquerade as users and bypass authentication mechanisms. Security experts indicate the attackers acted quickly and precisely, capitalizing on sluggish patch rollouts and lax server defenses.

Older Systems Are More Vulnerable

The breach has put a much bigger issue in focus: too many organisations are still running old on-premises software. Though still widely used, SharePoint Server rarely has the automatic update facilities and cloud-scale protections offered by modern versions of Microsoft products.

Experts warned that legacy systems are prime targets for well-financed hacking groups. Here, too, the attackers found easy entry through outdated infrastructure. Most of the targeted organizations were not on SharePoint Online, which was not susceptible to this particular vulnerability.

Lawmakers, Experts Demand Accountability

The incident has drawn sharp criticism of Microsoft’s security record. Lawmakers in the US and Europe are now calling for more transparency and oversight. This is not Microsoft’s first big security misstep. In 2021, the Hafnium group exploited Exchange Server vulnerabilities to breach thousands of systems. In 2023, Chinese actors breached US State Department email accounts.

Critics argue Microsoft has prioritised product growth and integration over cybersecurity, especially for older tools still widely used by governments and enterprises.

A Wake-Up Call for Global Cybersecurity

This attack has demonstrated how rapidly threat actors will leverage even established platforms. The SharePoint breach shows that even after a patch has been deployed, slow implementation can leave systems wide open. It also highlights how early access to vulnerability information can tip the balance in favour of the attackers.

Microsoft has issued new recommendations on how to detect and counter the breach. The company advises rotating machine keys, hunting for web shells, examining logs, and installing all available patches.

This is a warning for the broader tech and policy community that the price of delayed response and careless legacy system management is only increasing. In a world increasingly defined by digital threats, security has to take precedence over convenience.

Angela McCain

Angela is a senior editor at Dreniq News. She has written for many famous news agencies.
