Chinese Threat Actors Exploit ToolShell Vulnerability

Source: The Hacker News

In July 2025, the ToolShell security vulnerability in Microsoft SharePoint was publicly disclosed and subsequently patched. However, threat actors associated with China quickly exploited this vulnerability to breach several high-profile targets. A telecommunications company in the Middle East was among the primary victims, demonstrating the attackers’ focus on key infrastructure entities across different regions.

In addition to the telecommunications company, various government departments in an African country, as well as government agencies in South America, were also targeted. The attackers’ tactics suggest a broad strategy that could include intrusions into critical state technology sectors and a U.S. university, indicating a far-reaching operational scope and intent. These incidents highlight the ongoing threat posed by state-sponsored hacking groups and the importance of timely security patching to mitigate vulnerabilities in widely used applications like Microsoft SharePoint.
