Unpatched Pathways: Microsoft's Flaw Sparks Global Cyber Espionage

A recent Microsoft security patch failed to fully fix a critical flaw in SharePoint server software, leaving about 100 organizations vulnerable to cyber espionage. Two Chinese hacking groups, 'Linen Typhoon' and 'Violet Typhoon,' are exploiting the flaw. The breach includes U.S. National Nuclear Security Administration systems.


Devdiscourse News Desk | Updated: 23-07-2025 07:26 IST | Created: 23-07-2025 07:26 IST
Unpatched Pathways: Microsoft's Flaw Sparks Global Cyber Espionage
This image is AI-generated and does not depict any real-life event or location. It is a fictional representation created for illustrative purposes only.

This month, Microsoft released a security patch aimed at addressing a critical flaw in its SharePoint server software. However, the patch has proven insufficient, leaving the door open for a widespread cyber espionage operation, as confirmed by a Microsoft spokesperson on Tuesday.

Despite the company's efforts to resolve the vulnerability identified during a hacker competition in May, two Chinese hacking groups, known as 'Linen Typhoon' and 'Violet Typhoon,' along with another Chinese-based group, continue to exploit the flaw. The groups have targeted about 100 organizations, including the U.S. National Nuclear Security Administration, though no sensitive information has reportedly been compromised.

Trend Micro, which organized the Berlin competition that uncovered the flaw, emphasized the importance of vendors patching vulnerabilities promptly. British cybersecurity firm Sophos noted an increase in malicious online activity targeting SharePoint servers even after Microsoft released patches in July.

(With inputs from agencies.)

Give Feedback