Salt Typhoon Hacks SharePoint, Hits 3 Governments

Chinese-linked threat group Salt Typhoon exploited a critical Microsoft SharePoint flaw to breach government systems across three continents, according to security researchers. The campaign, described as more widespread than initially believed, shows how Salt Typhoon hacks SharePoint vulnerabilities to infiltrate sensitive networks. Investigators now suspect multiple Chinese-affiliated actors participated in the wave of attacks.

The exploited flaw, tracked as CVE-2025-53770, allowed attackers to gain unauthorized access to SharePoint servers. Analysts say the group used the vulnerability to target government entities, although the exact number of affected organizations remains unclear. The cyberattacks demonstrate a growing trend of state-backed actors weaponizing enterprise software flaws for espionage.

Researchers emphasized that Salt Typhoon hacks SharePoint systems using advanced techniques, likely indicating a high degree of coordination. The findings raise concerns about the security of widely deployed collaboration platforms in the public sector.

Read the full report here:
https://go.theregister.com/feed/www.theregister.com/2025/10/22/salt_typhoon_sharepoint_attacks/