Explosion and Fire Erupt at Valero Oil Refinery in Port Arthur, Texas 
OpenAI Pulls the Plug on Sora, Ending $1 Billion Disney Partnership 
Cyberattack on Stryker Triggers U.S. Government Warning Over Microsoft Intune Security 
Elliott Investment Management Takes Multibillion-Dollar Stake in Synopsys 
Palantir's Maven AI Earns Pentagon "Program of Record" Status, Reshaping Military AI Strategy 
Meta Ties Executive Pay to Aggressive Stock Price Targets in Major Retention Push 
Merck's $6 Billion Bid for Terns Pharma Signals Bold Oncology Push 
Reflection AI Eyes $25 Billion Valuation in Massive $2.5 Billion Funding Round 
Jeff Bezos Eyes $100 Billion Fund to Transform Manufacturing With AI 
AMD CEO Lisa Su Heads to Samsung's South Korea Chip Facility Amid AI Expansion Talks 
Air Canada Express Crash at LaGuardia: Controller Distracted by Prior Emergency 
Rio Tinto's Resolution Copper Mine: U.S. Smelting Challenges and Global Operations Update 
NAB Plans to Cut 170 Jobs While Expanding Offshore Operations 
Google's TurboQuant Algorithm Sends Memory Chip Stocks Tumbling 
Goldman Sachs Raises ECB Rate Hike Forecast Amid Persistent Energy-Driven Inflation 
Nintendo Switch 2 Production Cut as Holiday Sales Miss Targets 
NVIDIA's Feynman AI Chip May Face Redesign Amid TSMC Capacity Crunch 
Microsoft (NASDAQ: MSFT) has issued an urgent security alert warning of active zero-day attacks targeting SharePoint servers used by government agencies and enterprises. The tech giant emphasized that the cloud-based SharePoint Online in Microsoft 365 remains unaffected. However, on-premise SharePoint servers, particularly SharePoint Subscription Edition, are at immediate risk due to a critical spoofing vulnerability.
The FBI confirmed awareness of the ongoing attacks and is coordinating with federal and private-sector partners, though it has not disclosed further details. According to The Washington Post, unidentified threat actors recently exploited this flaw to breach multiple U.S. and international organizations. Experts categorize this as a zero-day attack—a type of exploit targeting unknown software vulnerabilities—placing tens of thousands of servers at risk.
Microsoft explained the flaw allows an authorized attacker to conduct spoofing over a network, impersonating trusted sources to manipulate systems or gain unauthorized access. The company has released a security update for SharePoint Subscription Edition and strongly urges users to apply it immediately.
Security patches for SharePoint 2016 and 2019 are in development. Until they are available, Microsoft advises organizations unable to implement recommended malware protections to disconnect vulnerable servers from the internet to prevent potential breaches.
This incident highlights the growing threat to enterprise infrastructure and the importance of timely patch management. Organizations relying on SharePoint for internal collaboration should act swiftly to mitigate the risk. Cybersecurity experts recommend continuously monitoring systems, applying updates promptly, and maintaining layered defenses against evolving threats.
With active exploitation underway, the urgency for patching affected SharePoint servers cannot be overstated. Taking immediate steps can prevent data breaches and safeguard sensitive internal communications.
