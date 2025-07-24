Your support helps us to tell the story Read more Support Now From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging. At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story. The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it. Your support makes all the difference. Read more

Chinese hackers have breached several hundred government agencies and corporations after exploiting cyber security vulnerabilities within Microsoft’s SharePoint software, researchers have revealed.

Microsoft said that the servers for its document-sharing software were breached by China-based “threat actors”, and that an investigation is ongoing.

Security firm Eye Security said that 400 organisations and agencies were impacted, with Bloomberg reporting that victims included the US agency responsible for overseeing nuclear weapons, as well as national governments in Europe and the Middle East.

Microsoft linked the attack to two main groups, Linen Typhoon and Violet Typhoon, and flagged that another China-based group, Storm-2603, had also targeted its systems.

The company said in a message to customers that it has since released “new comprehensive security updates” to deal with the incident.

It said it had “high confidence” that firms who do not install the new security updates could be targeted by the groups.

In a statement, the company added: “Investigations into other actors also using these exploits are still ongoing.”

The tech firm said the attackers had been uploading malicious scripts which are then “enabling the theft of the key material” by hackers.

Security researchers warned that the full extent of the breach and its consequences are yet to be fully revealed.

“This is a critical vulnerability with wide reaching implications,” Carlos Perez, director of security intelligence at TrustedSec, who previously trained US military cyber protection teams, told The Independent.

“It enables unauthenticated remote code execution on SharePoint servers, which are a core part of enterprise infrastructure. It is already being actively exploited at scale, and it only took 72 hours from the time a proof of concept was demonstrated for attackers to begin mass exploitation campaigns.

“What makes it even more severe is the way it exposes cryptographic secrets, effectively allowing attackers to convert any authenticated SharePoint request into remote code execution. That is a dangerous capability to put into the hands of threat actors.”

Additional reporting from agencies.