LAINWIRED.NET

DAILY DOSE OF STUPIDITY

Your opinion is bad and you should feel bad.

DDOS VII: Global hack on Microsoft Sharepoint hits U.S., state agencies, researchers say
by Alhazred

July 21, 2025

It's another Monday, so there's another Webapp that has been hacked. This time it's Microsoft Office's SharePoint Server. The attack has been acknowledged by Microsoft, CISA and various independent researchers. It has been ongoing since at least July 17th, and was patched by Microsoft over the last couple of days. Amongst those affected are U.S. federal services and hundreds of companies.

These types of attacks happen so often that an LLM could probably generate a perfect replica of Hacker posts with near-100% accuracy, and this is what has happened here. Starting with the newer additions, a Hacker muses "why on earth would you leave your own SharePoint instance exposed to the Internet?". A good question indeed, with probably no single answer. One can assume various reasons, including laziness, botched configurations, COVID-era remote work hacks, Microsoft's convoluted and all-over-the-place guidelines, the list goes on and on.

Then, the real fun begins. "We need more Linux", state various Hackers. Some are generic in their ask of "Linux", others specify "Red Hat Linux", none really talk about what exact software would be running on this "Linux", or who maintains that software (the more memorious readers might recall a few problems with open source software from months and years past). The Hacker does not concern themselves with such practicalities, as supply chain vulnerabilities are beneath the Hacker, and Microsoft is Satan already, so who cares.

At this point, we're really getting into the weeds. Some Hackers claim that Microsoft could potentially have allowed SharePoint to be hacked, so that companies would use its cloud version. A Hacker is done with Microsoft products after this and Crowdstrike (Editor's Note: Crowdstrike is not a Microsoft product), while another asks "why didn't they just rewrite [SharePoint] in Rust?" - the solution to every security vulnerability. There's also some politicking, because Hackers are, above all, astutely aware of important things that happen in the world.

Welcome to the Wired

Do you find yourself saying: "I haven't had enough"?

Then you may find older DDOS entries in the archive.

This website was created out of a misplaced sense of nostalgia, too much free time and truly baffling aesthetic sensibilities. We hope you enjoy your time here.

If you hate the idea of using this eyesore of a website but still find value in its content for whatever reason, RSS will be coming soon (TM).

Kyurems webroom WIRED COLLECTIVE WEBRING