A new cyber espionage campaign exploiting a zero-day vulnerability in self-hosted Microsoft SharePoint servers has affected nearly 100 organizations, including government agencies, financial institutions, healthcare providers, and industrial firms. The FBI and UK National Cyber Security Centre are investigating the incident, urging immediate installation of Microsoft’s emergency security patches.
By exploiting the vulnerability, attackers gain remote code execution and can install backdoors; over 8,000 servers are still exposed. The incident highlights the importance of cybersecurity collaboration and proactive defense strategies. Organizations are advised to adopt an “assumed breach” model, audit server logs, and rotate credentials to prevent persistence and future breaches.
Microsoft and international cybersecurity agencies are working together to coordinate incident response measures and update guidance to mitigate the impact of the SharePoint exploit. Industry experts emphasize the need for organizations to deploy threat-hunting teams to search for secondary malware and validate server integrity. The incident underscores the importance of robust cybersecurity practices and rapid response to emerging threats.
Read more at Nasdaq: Microsoft (MSFT) Warns of Active SharePoint Zero-Day Exploit: Patch Urgently