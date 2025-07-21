Menu

Tech

Microsoft’s SharePoint is being hacked by cyberattackers, FBI and CSE warn

By Sean Previl Global News
Posted July 21, 2025 11:12 am
1 min read
FILE - A Microsoft sign and logo are pictured at the company's headquarters, Friday, April 4, 2025, in Redmond, Wash. View image in full screen
FILE - A Microsoft sign and logo are pictured at the company's headquarters, Friday, April 4, 2025, in Redmond, Wash. AP Photo/Jason Redmond, File
Canada’s cybersecurity agency is issuing an alert over attacks it says are impacting Microsoft SharePoint servers, with a warning for organizations to act now to protect their information.

Microsoft issued an alert on Saturday that said the server software being targeted is used by government agencies and businesses to share documents within their organizations.

The company advised that security updates should be applied immediately.

The Cyber Centre is also urging companies to take various actions to reduce risks, including checking for a specific file in their servers.

For news impacting Canada and around the world, sign up for breaking news alerts delivered directly to you when they happen.

Get breaking National news

By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

“The Cyber Centre is aware of exploitation happening in Canada,” the Canadian Centre for Cyber Security wrote in a vulnerability alert.

“CVE-2025-53770 involves a deserialization of untrusted data in on-premises Microsoft SharePoint Servers allowing an unauthorised attacker to execute code over a network.”

Those who use SharePoint Online in Microsoft 365, which is in the cloud, have not been impacted.

Global News has reached out to the federal government and Communications Security Establishment Canada to inquire if any departments have been impacted.

The FBI said on Sunday that it was aware of the attacks and is working closely with federal and private-sector partners, but offered no other details.

The Washington Post, which first reported the hacks, said unidentified actors in the past few days had exploited a flaw to launch an attack that targeted U.S. and international agencies and businesses.

In the alert, Microsoft said a vulnerability “allows an authorized attacker to perform spoofing over a network.” It issued recommendations to stop the attackers from exploiting it.

— with files from Reuters

© 2025 Global News, a division of Corus Entertainment Inc.

