Chinese hackers exploit Microsoft flaw to breach U.S. government agencies and global entities
By kevinhughes // 2025-07-28
  • Chinese state-affiliated hackers exploited a critical Microsoft SharePoint vulnerability (CVE-2024-6101), stealing cryptographic keys to impersonate legitimate users and infiltrate U.S. government agencies, including the National Nuclear Security Administration, as well as 400+ global organizations.
  • The breach affected the Department of Energy, the Department of Education, state agencies and organizations worldwide, including energy firms, universities and consulting companies across Europe, the Middle East and the Americas.
  • Despite Microsoft's July security patches, hackers bypassed fixes, maintaining persistence in compromised systems by stealing authentication keys. Around 100 servers in 60 organizations remained vulnerable post-patch.
  • Microsoft attributed the attacks to Chinese-linked groups (Linen Typhoon, Storm-2603) and urged organizations to adopt cloud-based defenses and layered security. The U.S. government criticized Microsoft's security culture, prompting internal reforms and hires of ex-government cybersecurity experts.
  • The incident reflects state-sponsored cyber espionage for political and economic gain. China denied involvement, calling accusations "unfounded." Experts stress the need for enhanced global cybersecurity amid rising sophisticated threats.
In a significant escalation of cyber warfare, Chinese state-affiliated hackers have exploited a critical vulnerability in Microsoft's SharePoint software to infiltrate several high-profile United States government agencies, including the National Nuclear Security Administration (NNSA), which oversees America's nuclear weapons. The breach, which began on July 18, has also affected over 400 organizations worldwide, spanning Europe, the Middle East and other regions.

Exploiting a critical vulnerability

The cyberattack took advantage of a zero-day flaw in Microsoft SharePoint, allowing the hackers to gain unauthorized access and steal cryptographic keys. These keys could potentially enable the attackers to impersonate legitimate users or services within the compromised systems. Microsoft has attributed the attacks to groups known as Linen Typhoon, Violet Typhoon and Storm-2603, all believed to have ties to the Chinese government. TrustedSec Security Intelligence Director Carlos Perez described the exploited vulnerability as "critical" and "already being actively exploited at scale." He emphasized that the flaw allows attackers to execute remote code on SharePoint servers, posing a severe threat to enterprise-level infrastructure.

Impact on U.S. government agencies

The U.S. Department of Energy, which includes the NNSA, confirmed that it experienced a disruption but stated that the impact was minimal due to its robust cybersecurity measures. "The department was minimally impacted due to its widespread use of the Microsoft M365 cloud and very capable cybersecurity systems," a spokesman said. "A very small number of systems were impacted, and all are being restored." The breach also affected the U.S. Department of Education, the Florida Department of Revenue and the Rhode Island General Assembly.

Global reach and ongoing threat

The attacks did not stop at government agencies. Cybersecurity firm Eye Security revealed that the breach compromised around 400 entities globally, highlighting the widespread nature of the attack. Energy firms, consulting companies and universities were also targeted, with breaches detected on over 100 servers across 60 different organizations. Cybersecurity researchers have identified victims in countries such as Saudi Arabia, Vietnam, Oman, the United Arab Emirates, South Africa, the European Union and the Americas. Despite Microsoft releasing security patches in July, attackers have found ways to circumvent them. Eye Security's Chief Hacker and Co-owner, Vaisha Bernard, explained that the vulnerabilities allowed attackers to steal authentication keys and remain inside systems even after updates and reboots. "There were ways around the patches," Bernard said, emphasizing the persistent threat posed by these attacks.

Broader implications and Microsoft's response

The breaches have raised concerns about the security of Microsoft's software and its ability to protect sensitive information. The U.S. government has criticized Microsoft's security culture, calling for urgent reforms. In response, Microsoft has been holding weekly meetings with top executives and hiring security experts, including former government officials, to bolster its defenses. Microsoft continues to urge organizations to apply all security updates, move to cloud-based systems and implement multiple layers of security to detect and prevent suspicious activity. The company has released "new comprehensive security updates" and stressed the importance of immediate action to prevent further exploitation.

International response and denials

The Chinese Embassy in Washington has rejected the claims, stating, "China firmly opposes all forms of cyberattacks and cybercrime." The embassy emphasized the need for evidence-based conclusions rather than "unfounded speculation and accusations." Cybersecurity experts believe these attacks are part of a larger strategy to use business software hacks for political or economic gain. As the investigation continues, the full extent of the breach and its consequences are yet to be fully revealed. This incident underscores the growing sophistication and global scale of cyber threats, highlighting the urgent need for enhanced cybersecurity measures and international cooperation to combat state-sponsored cyber espionage.
