preCharge News BUSINESS — Microsoft has warned of “active attacks” targeting its SharePoint collaboration software, with security researchers noting that organizations worldwide stand to be affected by the breach.

The Cybersecurity and Infrastructure Security Agency (CISA) said Sunday in a release that the vulnerability provides unauthenticated access to systems and full access to SharePoint content, enabling bad actors to execute code over the network.

CISA Issues Warning Over SharePoint Security Threat

CISA said that while the scope and impact of the attack continue to be assessed, the agency warned that it “poses a risk to organizations.”

Microsoft late Sunday issued fixes for customers to apply to two versions of the SharePoint software. Another 2016 version remains vulnerable, and the company said it is working to develop a patch.

Microsoft has released security updates that fully protect customers using SharePoint Subscription Edition and SharePoint 2019 against the risks posed by CVE-2025-53770, and CVE-2025-53771. These vulnerabilities apply to on-premises SharePoint Servers only. Customers should apply…

— Security Response (@msftsecresponse) July 21, 2025

Thousands of Organizations Possibly Impacted

Palo Alto Networks and Eye Security Sound Alarm

Researchers at Palo Alto Networks said the hack likely reached thousands of organizations globally.

“The exploits are real, in-the-wild and pose a serious threat,” they added.

preCharge News has reached out to Microsoft for additional comment and information.

Cloud Services Safe, On-Premises SharePoint Under Attack

On-Premises Servers Vulnerable, Microsoft 365 Not Affected

In an alert on Saturday, Microsoft said the attack applies only to on-premises SharePoint servers, not those in the cloud like Microsoft 365. SharePoint software is commonly used by global businesses and organizations to store and collaborate on documents.

Hackers Could Maintain Access Even After Patching

The vulnerability is especially concerning because it allows hackers to impersonate users or services even after the SharePoint server is patched, according to researchers at European cybersecurity firm Eye Security, which said it first identified the flaw.

Breach Could Lead to Data Theft Across Microsoft Ecosystem

SharePoint servers often connect to other Microsoft services such as Outlook and Teams, meaning such a breach can “quickly” lead to data theft and password harvesting, Eye Security researchers said.

Alaska Airlines IT Outage Raises Additional Concerns

Ground Operations Halted for Three Hours

Separately, Alaska Airlines briefly halted its ground operations for about three hours on Sunday due to an IT outage. It lifted the ground stop at roughly 2 a.m. EST, the carrier said in a statement.

No Confirmation Yet on Connection to SharePoint Exploit

It was unclear whether the outage was related to the SharePoint attack.

Want to earn some extra money on the side? Buy PCPi Coin or Subscribe to VIP and get dividens monthly.

____
Associated Press, CNBC News, Fox News, and preCharge News contributed to this report.