Chinese government-aligned hackers have exploited recently disclosed vulnerabilities in Microsoft SharePoint, specifically targeting on-premises versions. Groups named Linen Typhoon and Violet Typhoon are involved, alongside a third group, Storm-2603. Microsoft has high confidence that these exploits will be integrated into ongoing attacks against unpatched SharePoint systems. The flaw primarily impacts SharePoint Enterprise Server versions 2016 and 2019, as well as the Subscription Edition, while cloud environments remain unaffected. Threat analysts predict that multiple actors will exploit this vulnerability further.
Chinese government-aligned hackers have exploited vulnerabilities in Microsoft SharePoint. The groups Linen Typhoon and Violet Typhoon have leveraged these flaws, along with another entity, Storm-2603.
Microsoft assesses with high confidence that threat actors will continue integrating newly disclosed exploits into their attacks on unpatched SharePoint systems.
The vulnerability affects SharePoint Enterprise Server 2016, 2019, and Subscription Edition, but does not impact Microsoft 365 cloud environments.
Google's threat intelligence analysts confirm the involvement of China-linked groups in exploiting these vulnerabilities, with expectations that various actors will continue to leverage this exploit.
Collection
[
|
...
]