Global Cyberattack Exploits Microsoft SharePoint Zero‑Day, Threatening Thousands of Organizations

Today, cybersecurity researchers revealed a sophisticated global attack targeting on-premises Microsoft SharePoint servers via a previously unknown zero‑day vulnerability. Analysts believe the breach was orchestrated by a single actor using consistent payloads and methods across diverse targets, including industrial firms, banks, auditors, healthcare institutions, universities, and government agencies—potentially compromising over 8,000 servers worldwide. Microsoft confirmed that SharePoint Online within Microsoft 365 remains unaffected and has released emergency patches for SharePoint Subscription Edition and 2019. However, the vulnerability persists in older versions, and experts warn that patching alone may not reverse data exposure or system access that has already occurred. The FBI, in collaboration with federal and private partners, is investigating the incident, while the UK’s cybersecurity team has yet to issue a statement. Security professionals stress the importance of assuming compromise, implementing in-depth incident response, and reinforcing detection and remediation strategies across affected environments