The latest CVE-2025-53770 incident, with a critical risk of 9.8, could be a signal for some compulsory introduction of governmental supervision.
On July 18, 2025, cybersecurity researchers identified and reported a widespread exploitation campaign targeting a critical Zero Day vulnerability in Microsoft SharePoint’s on-premises server software.
The flaw, named as CVE-2025-53770 (9.8 criticality), had allowed attackers to gain unauthorized, remote code execution access without login credentials, ultimately paving the way for digital key theft and deeper infiltration of compromised systems.
According to multiple security firms, the campaign intensified on 18 July and 19 July, affecting government, telecommunications, energy, and software companies globally. Initial exploits had surfaced in Western government and private sector systems but those had quickly expanded.
Attackers leveraged custom web shells to extract and print sensitive cryptographic. The theft of these keys had enabled attackers to forge authentication tokens and potentially bypass post-patch protections:
According to researchers at Eye Security: “Once inside, they’re exfiltrating sensitive data, deploying persistent backdoors, and stealing cryptographic keys.” Threat analysts from Kaspersky have commented: “The vulnerability might still be exploitable even after patching unless organizations take extra steps like rotating cryptographic keys.”
Reports suggest the campaign had compromised as many as 100 organizations by the weekend following discovery, including several US federal agencies, universities, energy firms, and at least one telecommunications provider in Asia. Microsoft has been notified, and the firm has acknowledged the gravity of the flaw. As emergency patches are rolled out for newer SharePoint editions, the firm is facing criticism for an earlier incomplete fix, as attackers reportedly exploited a previously patched but still vulnerable component.
The US Cybersecurity and Infrastructure Security Agency has issued urgent guidance recommending that potential victims disconnect internet-facing servers, rotate digital keys, and remain vigilant for further attacks. Even a US congressional hearing last year to evaluate Microsoft’s cybersecurity failures has not stopped the current vulnerability from surfacing. The firm’s autonomous stewardship over the world’s computing infrastructure management may require more governmental intervention, according to past reports.
