Nanya Technology Shares Surge 10% After $2.5 Billion Private Placement from Sandisk and Cisco 
Finnair Orders 18 Embraer E195-E2 Jets in Landmark Fleet Overhaul 
Reflection AI Eyes $25 Billion Valuation in Massive $2.5 Billion Funding Round 
Golden Dome Missile Defense: Anduril and Palantir Join Forces on Trump's $185B Space Shield 
Meta Ties Executive Pay to Aggressive Stock Price Targets in Major Retention Push 
Microsoft Eyes Legal Action as Amazon-OpenAI Deal Threatens Azure Exclusivity 
Elon Musk Confirms SpaceX, xAI, and Tesla Will Continue Large-Scale Nvidia Chip Orders 
Innate Pharma Reports 55% Revenue Drop and €49.2M Net Loss for 2025 
Nintendo Switch 2 Production Cut as Holiday Sales Miss Targets 
SK Hynix Eyes Up to $14 Billion U.S. IPO to Fund AI Chip Expansion 
Micron Technology Beats Q2 Earnings Estimates, Issues Strong AI-Driven Outlook 
Henkel in Advanced Talks to Acquire Olaplex at $2 Per Share 
Trump White House Unveils National AI Policy Framework for Congress 
OpenAI Pulls the Plug on Sora, Ending $1 Billion Disney Partnership 
Air Canada Express Crash at LaGuardia: Controller Distracted by Prior Emergency 
AMD CEO Lisa Su Heads to Samsung's South Korea Chip Facility Amid AI Expansion Talks 
Microsoft (NASDAQ: MSFT) has issued an urgent security alert warning of active zero-day attacks targeting SharePoint servers used by government agencies and enterprises. The tech giant emphasized that the cloud-based SharePoint Online in Microsoft 365 remains unaffected. However, on-premise SharePoint servers, particularly SharePoint Subscription Edition, are at immediate risk due to a critical spoofing vulnerability.
The FBI confirmed awareness of the ongoing attacks and is coordinating with federal and private-sector partners, though it has not disclosed further details. According to The Washington Post, unidentified threat actors recently exploited this flaw to breach multiple U.S. and international organizations. Experts categorize this as a zero-day attack—a type of exploit targeting unknown software vulnerabilities—placing tens of thousands of servers at risk.
Microsoft explained the flaw allows an authorized attacker to conduct spoofing over a network, impersonating trusted sources to manipulate systems or gain unauthorized access. The company has released a security update for SharePoint Subscription Edition and strongly urges users to apply it immediately.
Security patches for SharePoint 2016 and 2019 are in development. Until they are available, Microsoft advises organizations unable to implement recommended malware protections to disconnect vulnerable servers from the internet to prevent potential breaches.
This incident highlights the growing threat to enterprise infrastructure and the importance of timely patch management. Organizations relying on SharePoint for internal collaboration should act swiftly to mitigate the risk. Cybersecurity experts recommend continuously monitoring systems, applying updates promptly, and maintaining layered defenses against evolving threats.
With active exploitation underway, the urgency for patching affected SharePoint servers cannot be overstated. Taking immediate steps can prevent data breaches and safeguard sensitive internal communications.
