Global Hack on Microsoft Hits US State Agencies

The Microsoft logo seen at the Hannover Messe industrial trade fair on March 31, 2025, in Hanover, Germany (Reuters) 
The Microsoft logo seen at the Hannover Messe industrial trade fair on March 31, 2025, in Hanover, Germany (Reuters) 
TT

Global Hack on Microsoft Hits US State Agencies

The Microsoft logo seen at the Hannover Messe industrial trade fair on March 31, 2025, in Hanover, Germany (Reuters) 
The Microsoft logo seen at the Hannover Messe industrial trade fair on March 31, 2025, in Hanover, Germany (Reuters) 

Hackers exploited a major security flaw in widely used Microsoft server software to launch a global attack on government agencies and businesses in the past few days, breaching US federal and state agencies, universities, energy companies and an Asian telecommunications company, according to state officials and private researchers.

Microsoft on Saturday issued an alert about “active attacks” on self-hosted SharePoint servers, which are widely used by organizations to share documents and collaborate within organizations. SharePoint instances run off of Microsoft servers were unaffected.

The FBI said on Sunday it was aware of the attacks and was working closely with its federal and private-sector partners, but offered no other details.

The “zero-day” attack, so called because it targeted a previously unknown vulnerability, is only the latest cybersecurity embarrassment for Microsoft.

Last year, the company was faulted by a panel of US government and industry experts for lapses that enabled a 2023 targeted Chinese hack of US government emails, including those of then-Commerce Secretary Gina Raimondo.

This most recent attack compromises only those servers housed within an organization — not those in the cloud, such as Microsoft 365, officials said.

After first suggesting that users make modifications to or simply unplug SharePoint server programs from the internet, the company on Sunday evening released a patch for one version of the software.

Two other versions remain vulnerable and Microsoft said it is continuing to work to develop a patch.

Microsoft updated its guidance Sunday with instructions to fix the problem for SharePoint Server 2019 and SharePoint Server Subscription Edition. Engineers were still working on a fix for the older SharePoint Server 2016 software.

“Anybody who’s got a hosted SharePoint server has got a problem,” said Adam Meyers, senior vice president with CrowdStrike, a cybersecurity firm. “It’s a significant vulnerability.”

Pete Renals, a senior manager with Palo Alto Networks’ Unit 42 said, “We are seeing attempts to exploit thousands of SharePoint servers globally before a patch is available. We have identified dozens of compromised organizations spanning both commercial and government sectors.’’

With access to these servers, which often connect to Outlook email, Teams and other core services, a breach can lead to theft of sensitive data as well as password harvesting, Netherlands-based research company Eye Security noted, according to The Washington Post.

What’s also alarming, researchers said, is that the hackers have gained access to keys that may allow them to regain entry even after a system is patched.

“So pushing out a patch on Monday or Tuesday doesn’t help anybody who’s been compromised in the past 72 hours,” said one researcher, who spoke on the condition of anonymity because a federal investigation is ongoing.

It was not immediately clear who is behind the hacking of global reach or what its ultimate goal is.

One private research company found the hackers targeting servers in China as well as a state legislature in the eastern United States. Eye Security said it has tracked more than 50 breaches, including at an energy company in a large state and several European government agencies.

Others that were breached included a government agency in Spain, a local agency in Albuquerque and a university in Brazil, security researchers said.

One state official in the eastern US said the attackers had “hijacked” a repository of documents provided to the public to help residents understand how their government works. The agency involved can no longer access the material, but it wasn’t clear whether it was deleted.

Some security companies said they had not seen deletions in the SharePoint attacks, only the theft of cryptographic keys that would allow the hackers to reenter the servers.

CISA spokesperson Marci McCarthy said the agency was alerted to the issue Friday by a cyber research firm and immediately contacted Microsoft.

Microsoft has been faulted in the past for issuing fixes that are too narrowly designed and leave similar avenues open to attack.

 



France Opens Terror Probe after Guns Found in Car Near Synagogue

People picnic in the shadow of a tree to protect from the sun during a heatwave by the Daumesnil Lake at the Bois de Vincennes park in Paris on July 11, 2026. (Photo by Behrouz MEHRI / AFP)
People picnic in the shadow of a tree to protect from the sun during a heatwave by the Daumesnil Lake at the Bois de Vincennes park in Paris on July 11, 2026. (Photo by Behrouz MEHRI / AFP)
TT

France Opens Terror Probe after Guns Found in Car Near Synagogue

People picnic in the shadow of a tree to protect from the sun during a heatwave by the Daumesnil Lake at the Bois de Vincennes park in Paris on July 11, 2026. (Photo by Behrouz MEHRI / AFP)
People picnic in the shadow of a tree to protect from the sun during a heatwave by the Daumesnil Lake at the Bois de Vincennes park in Paris on July 11, 2026. (Photo by Behrouz MEHRI / AFP)

French anti-terrorist prosecutors on Sunday opened an investigation after weapons were found in a car parked in a Paris suburb that is home to a large Jewish population.

Three hundred people were evacuated on Saturday evening from a neighborhood in Sarcelles, north of Paris, following reports of a suspicious vehicle, which was found to contain "a military-grade weapon", according to the interior minister.

An investigation has been launched "on charges of forming a terrorist criminal organization with a view to preparing crimes involving attacks on persons and the transport, possession and acquisition of weapons in connection with a terrorist enterprise," the prosecutors said.

Interior Minister Laurent Nunez said on BFMTV that the vehicle was found near one of the town's several synagogues.

"We do not yet know the motives," Nunez said, adding that "the individuals have not yet been identified."

A security cordon had been set up on Saturday evening around the car, which was parked in a busy neighborhood near a cinema and restaurants that were evacuated in the early evening.

Bomb disposal experts found no explosives, but according to a police source, the stolen car contained an assault-style rifle and a handgun.

Nunez stated that three attacks had been foiled since the start of the year, including a knife attack last February on a gendarme beneath the Arc de Triomphe during the ceremony to rekindle the flame at the Tomb of the Unknown Soldier.


Driver in Chile Runs Over and Kills 6 People at Festival

This aerial view shows Punta de Lobos beach in the coastal city of Pichilemu, O'Higgins Region, Chile, on July 8, 2026. (Photo by Rodrigo ARANGUA / AFP)
This aerial view shows Punta de Lobos beach in the coastal city of Pichilemu, O'Higgins Region, Chile, on July 8, 2026. (Photo by Rodrigo ARANGUA / AFP)
TT

Driver in Chile Runs Over and Kills 6 People at Festival

This aerial view shows Punta de Lobos beach in the coastal city of Pichilemu, O'Higgins Region, Chile, on July 8, 2026. (Photo by Rodrigo ARANGUA / AFP)
This aerial view shows Punta de Lobos beach in the coastal city of Pichilemu, O'Higgins Region, Chile, on July 8, 2026. (Photo by Rodrigo ARANGUA / AFP)

A driver plowed into people at a street festival Sunday in Chile, killing at least six, police said.

The man reportedly lost control of the vehicle at the festival in the city of Vina del Mar, Jorge Guaita, a police official, told AFP.

Another seven people were injured but their lives are not in danger, he added.

Early reports said the driver was speeding on a road running alongside the festival site.

The driver was detained and will be tested for alcohol consumption, Guaita said.


Ukraine's PM Steps Down as Zelenskyy Announces Government Reshuffle

FILED - 12 June 2024, Berlin: FILE PHOTO - Yulia Svyrydenko speaks to journalists at the Ukraine Reconstruction Conference. Photo: Britta Pedersen/dpa
FILED - 12 June 2024, Berlin: FILE PHOTO - Yulia Svyrydenko speaks to journalists at the Ukraine Reconstruction Conference. Photo: Britta Pedersen/dpa
TT

Ukraine's PM Steps Down as Zelenskyy Announces Government Reshuffle

FILED - 12 June 2024, Berlin: FILE PHOTO - Yulia Svyrydenko speaks to journalists at the Ukraine Reconstruction Conference. Photo: Britta Pedersen/dpa
FILED - 12 June 2024, Berlin: FILE PHOTO - Yulia Svyrydenko speaks to journalists at the Ukraine Reconstruction Conference. Photo: Britta Pedersen/dpa

Ukrainian Prime Minister Yulia Svyrydenko stepped down on Sunday as President Volodymyr Zelenskyy announced fresh changes to Ukraine's government, saying he had offered a new and important position to the former premier.

Zelenskyy, who has remained in office under martial law because wartime elections are prohibited, has periodically reshuffled his government in an effort to bring fresh momentum to his administration.

Svyrydenko, who has served as Ukraine’s economy minister, was named prime minister in July 2025 at the age of 39 after playing a lead role in securing a mineral agreement between Ukraine and the United States, seen as an important way of tying US interests to Ukraine’s security.

In a statement on social media, Svyrydenko said she was “proud to have had the honor of leading the government during one of the most difficult periods in Ukraine’s modern history.”

She also said she had discussed “next steps” with Zelenskyy, but did not provide further details.

“I remain ready to serve the Ukrainian state and carry out every task aimed at strengthening Ukraine’s position, defending our national interests and bringing a just peace closer,” she said.

Zelenskyy announced her resignation in a post saying that Ukraine was “changing its political strategy.”

According to The Associated Press, he also said he had offered Svyrydenko the opportunity to lead “a new, important area” in Ukraine’s relations with a key international partner.

“Each priority area of foreign policy will be assigned to a specific person with substantial experience who is capable of implementing what we agree on at the leaders’ level and what the Ukrainian people expect,” Zelenskyy said, describing the impending reshuffle.

The Ukrainian leader also said there would be changes among the top ranks of Ukraine's law enforcement agencies.

Zelenskyy met with a series of senior officials following the announcement, including Energy Minister Denys Shmyhal, Interior Minister Ihor Klymenko and Defense Minister Mykhailo Fedorov.

The overhaul, which Zelenskyy has yet to explain in detail, would be the fourth major reorganization of his government since the start of Russia’s full-scale invasion.