A major cyber attack has hit Microsoft server software, compromising around 100 organisations, including government institutions in the United States and Germany. The attack targeted self hosted Microsoft servers, SharePoint, prompting urgent warnings from cyber security firms and Microsoft itself.
Cyber attack on Microsoft servers raises global alarm
The cyber attack was first detected by Eye Security, a Netherlands based cybersecurity firm, after one of its clients was breached on Friday. A joint internet scan by Eye Security and the shadow server Foundation later found nearly 100 victims, even before the hacking method became widely known.
Vaisha Bernard, chief hacker at Eye Security, said the attack was clear and widespread. “It’s unambiguous. Who knows what other adversaries have done since to place other backdoors,” she warned.
According to shadow server, most of the affected organizations are based in the United States and Germany, and some include government bodies. Microsoft confirmed the attack and urged all users of self hosted servers to install the latest security updates without delay.
Cloud-based Microsoft systems remain unaffected, but the breach has raised fresh concerns over the vulnerability of unmanaged or outdated server software. Cyber security experts fear that other threat actors may already be exploiting the same flaw to gain long term access to sensitive data.
The full scale of the cyber attack is still unfolding, with warnings that more backdoors may have been planted in compromised systems before the breach became public.
Read more: 336,999 Pakistanis secure overseas employment in first half of 2025
