Microsoft Sharepoint server vulnerability puts an estimated 10,000 organizations at risk

A major zero-day security vulnerability in Microsoft's SharePoint server software has been exploited by hackers, affecting an estimated 10,000 organizations. The flaw allows hackers to access file systems, internal configurations, and even execute code, potentially leading to complete system takeover. Microsoft has released a security patch to mitigate the attacks, which have already impacted universities, energy companies, federal and state agencies, and telecommunications firms. The Cybersecurity and Infrastructure Security Agency (CISA) has advised affected organizations to disconnect their servers from the internet until a full patch is available. The vulnerability was first spotted by Eye Security, which said it allows hackers to access SharePoint servers and steal keys to impersonate users or services. The FBI is aware of the attack and is working with government and private sector partners to investigate the incident. The breach is likely to put Microsoft's security culture under scrutiny once again, following a previous breach of Exchange Online mailboxes.