{"id":87209,"date":"2025-07-26T12:40:39","date_gmt":"2025-07-26T12:40:39","guid":{"rendered":"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/"},"modified":"2025-07-26T12:41:57","modified_gmt":"2025-07-26T12:41:57","slug":"blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register","status":"publish","type":"post","link":"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/","title":{"rendered":"Blame a leak for Microsoft SharePoint attacks: researcher \u2022 The Register"},"content":{"rendered":"<p> <a href=\"https:\/\/go.fiverr.com\/visit\/?bta=1052423&nci=17043\" Target=\"_Top\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/fiverr.ck-cdn.com\/tn\/serve\/?cid=40081059\"  width=\"601\" height=\"201\"><\/a>\n<\/p>\n<div id=\"body\">\n<p>Every week after Microsoft informed the world that its July software program updates did not absolutely repair a few bugs, which allowed miscreants to take over on-premises SharePoint servers and remotely execute code, researchers have assembled a lot of the puzzle \u2014\u00a0with one massive lacking piece.<\/p>\n<p>How did the attackers, who embody Chinese language authorities spies, knowledge thieves, and ransomware operators, know learn how to exploit the SharePoint CVEs in such a manner that will bypass the safety fixes Microsoft launched the next day?<\/p>\n<p>&#8220;A leak occurred right here someplace,&#8221; Dustin Childs, head of menace consciousness at Pattern Micro&#8217;s Zero Day Initiative (ZDI), informed <em>The Register<\/em>. &#8220;And now you&#8217;ve got bought a zero-day exploit within the wild, and worse than that, you&#8217;ve got bought a zero-day exploit within the wild that bypasses the patch, which got here out the following day.&#8221;<\/p>\n<h3 class=\"crosshead\">Countdown to mass exploitation<\/h3>\n<p>All of it started again in Might, on stage on the Pwn2Own competitors.<\/p>\n<p>Pwn2Own is the hackers&#8217; equal of the World Collection, and ZDI often hosts these competitions twice a 12 months.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,dmpu,\" data-sm=\",fluid,mpu,dmpu,\" data-md=\",fluid,mpu,dmpu,\">\n        <noscript><br \/>\n            <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aITMxxQsUo37S8glt1v1bQAAANU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\"><br \/>\n                <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aITMxxQsUo37S8glt1v1bQAAANU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt=\"\"\/><br \/>\n            <\/a><br \/>\n        <\/noscript>\n    <\/div>\n<p>The newest contest occurred in Berlin, starting Might 15. On <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.zerodayinitiative.com\/blog\/2025\/5\/16\/pwn2own-berlin-2025-day-two-results\">day 2<\/a> of the occasion, Vietnamese researcher Dinh Ho Anh Khoa mixed an auth bypass and an insecure deserialization bug to take advantage of Microsoft SharePoint and win $100,000.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\">\n            <noscript><br \/>\n                <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44aITMxxQsUo37S8glt1v1bQAAANU&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\"><br \/>\n                    <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44aITMxxQsUo37S8glt1v1bQAAANU&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt=\"\"\/><br \/>\n                <\/a><br \/>\n            <\/noscript>\n        <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\">\n                <noscript><br \/>\n                    <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33aITMxxQsUo37S8glt1v1bQAAANU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\"><br \/>\n                        <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33aITMxxQsUo37S8glt1v1bQAAANU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt=\"\"\/><br \/>\n                    <\/a><br \/>\n                <\/noscript>\n            <\/div>\n<\/p><\/div>\n<p>&#8220;What occurs on the stage is only one a part of Pwn2Own,&#8221; Childs mentioned.<\/p>\n<p>After demonstrating a profitable exploit, the bug hunter and vendor are whisked away into a personal room the place the researcher explains what they did and gives the expertise firm with a full write-up of the exploit. Assuming it isn&#8217;t a reproduction or already recognized vulnerability, the seller then has 90 days to problem a repair earlier than the bug and exploit are made public.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,dmpu,\" data-sm=\",fluid,mpu,dmpu,\" data-md=\",fluid,mpu,dmpu,\">\n            <noscript><br \/>\n                <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44aITMxxQsUo37S8glt1v1bQAAANU&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\"><br \/>\n                    <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44aITMxxQsUo37S8glt1v1bQAAANU&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt=\"\"\/><br \/>\n                <\/a><br \/>\n            <\/noscript>\n        <\/div>\n<p>&#8220;So Microsoft obtained the working exploit in a white paper describing every little thing on that day,&#8221; Childs mentioned.\u00a0<\/p>\n<p>Lower than two months later, on July 8, the software program large disclosed the 2 CVEs \u2013 CVE-2025-49704, which permits unauthenticated distant code execution, and CVE-2025-49706, a spoofing bug \u2013 and launched software program updates supposed to patch the issues. However <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/07\/22\/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities\/\">mass exploitation<\/a> had already began the day earlier than, on July 7.<\/p>\n<p>&#8220;Sixty days to repair actually is not a foul timeline for a bug that stays non-public and stays beneath coordinated disclosure guidelines,&#8221; Childs mentioned. &#8220;What&#8217;s dangerous: a leak occurred.&#8221;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\">\n            <noscript><br \/>\n                <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33aITMxxQsUo37S8glt1v1bQAAANU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\"><br \/>\n                    <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33aITMxxQsUo37S8glt1v1bQAAANU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt=\"\"\/><br \/>\n                <\/a><br \/>\n            <\/noscript>\n        <\/div>\n<p>There&#8217;s one other key date that will make clear when that leak occurred.<\/p>\n<p>Patch Tuesday occurs the second Tuesday of each month \u2013 in July, <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2025\/07\/08\/microsoft_patch_tuesday\/\">that was the 8th<\/a>. However two weeks earlier than then, Microsoft gives early entry to some safety distributors through the Microsoft Lively Protections Program (MAPP).<\/p>\n<p>These distributors are required to signal a non-disclosure settlement concerning the soon-to-be-disclosed bugs, and Microsoft offers them early entry to the vulnerability info in order that they&#8217;ll present up to date protections to clients sooner.<\/p>\n<p>&#8220;The primary MAPP drop happens at what we name r minus 14, which is 2 weeks forward of the [Patch Tuesday] launch,&#8221; Childs mentioned \u2013 that&#8217;s, starting on June 24. &#8220;Then, on July 7, we began to see assaults. July 8, the patches have been out and have been virtually instantly bypassed.&#8221;<\/p>\n<p>ZDI, together with different safety suppliers, poked holes within the preliminary patches and decided that the authentication bypass piece was too slender, and attackers may simply bypass this repair. In reality, anybody who obtained the early MAPP details about the CVEs and software program updates &#8220;would be capable to inform that that is a straightforward strategy to get previous it,&#8221; Childs mentioned.<\/p>\n<p>On July 18, Eye Safety first <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/research.eye.security\/sharepoint-under-siege\/\">sounded the alarm<\/a> on &#8220;large-scale exploitation of a brand new SharePoint distant code execution (RCE) vulnerability chain within the wild.&#8221;<\/p>\n<p>A day later, Microsoft warned SharePoint server customers that three on-prem variations of the product included a zero-day flaw that was beneath assault \u2013 and that its personal failure to fully patch the holes was in charge.<\/p>\n<p>By July 21, Redmond had <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2025\/07\/22\/microsoft_sharepoint_2016_patch\/\">issued software updates<\/a> for all three variations. However by then, <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2025\/07\/23\/microsoft_sharepoint_400_orgs\/\">more than 400 organizations<\/a> had been compromised by no less than two Chinese language state-sponsored crews, <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2025\/07\/22\/chinese_groups_attacking_microsoft_sharepoint\/\" rel=\"nofollow\">Linen Typhoon and Violet Typhoon<\/a>, plus a gang\u00a0Microsoft tracks as Storm-2603, which was abusing the vulnerabilities to <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2025\/07\/24\/microsoft_sharepoint_ransomware\/\">deploy ransomware<\/a>.<\/p>\n<p>Microsoft declined to reply <em>The Register<\/em>&#8216;s particular questions for this story. &#8220;As a part of our commonplace course of, we&#8217;ll evaluation this incident, discover areas to enhance, and apply these enhancements broadly,&#8221; a Microsoft spokesperson mentioned in an emailed assertion.<\/p>\n<p>One researcher suggests a leak might not have been the one pathway to take advantage of. &#8220;<a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/x.com\/irsdl\/status\/1946166765316161634\">Soroush Dalili<\/a> was ready to make use of Google&#8217;s Gemini to assist reproduce the exploit chain, so it is attainable the menace actors did their very own due diligence, or did one thing much like Dalili, working with one of many frontier giant language fashions like Google Gemini, o3 from OpenAI, or Claude Opus, or another LLM, to assist establish routes of exploitation,&#8221; Tenable Analysis Particular Operations staff senior engineer Satnam Narang informed <em>The Register<\/em>.<\/p>\n<p>&#8220;It is troublesome to say what domino needed to fall to ensure that these menace actors to have the ability to leverage these flaws within the wild,&#8221; Narang added.<\/p>\n<p>Nonetheless, Microsoft didn&#8217;t launch any MAPP steerage for the 2 most up-to-date vulnerabilities, <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-53770\">CVE-2025-53770<\/a> and <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-53771\">CVE-2025-53771<\/a>, that are associated to the beforehand disclosed CVE-2025-49704 and CVE-2025-49706.\u00a0<\/p>\n<p>&#8220;It may imply that they now not contemplate MAPP to be a trusted useful resource, so they don&#8217;t seem to be offering any info in any way,&#8221; Childs speculated. &#8220;It additionally may imply that they are scrambling a lot to work on the fixes they do not have time to inform their companions of those different particulars.&#8221;<\/p>\n<p>&#8220;It may simply be a logistical useful resource problem, or it might be, hey, I do not belief MAPP proper now, we&#8217;re not telling them something, which is what I&#8217;d do of their scenario,&#8221; he continued. &#8220;If I assumed a leak got here from this channel, I&#8217;d not be telling that channel something.&#8221; \u00ae<\/p>\n<\/p><\/div>\n<iframe data-lazy=\"true\" data-src=\"https:\/\/www.fiverr.com\/gig_widgets?id=U2FsdGVkX18x7XQvttUTrv1oEqmGNGTgvvCUiUoJ\/AP4z\/UyMz8lXGOLpu15jIMxBbTR0gmD5uBoFvhC4KWeALQRp3h\/X\/AwcVD0K8Wj9H\/ZzYKzcCNHosB9oS4SCJJFWiN85P9ICAc4OgCoE\/wHKIY7CDkf2\/DQ1vqGvk4smVe5cRDEmrLPCWi4FC8p40VUhSmWQ5udCm0zoJtorgWv3vbDQw0kKYkwn39ozAnQXDe+YvWMxkLFWA+O3TFwkJvdkIK+\/AUSnRssPKt5WHY0FhNOxnSPcLslEL4G4\/RfP95ve99U+kRnDy3X+KtzdQLY+u935ghON\/o3UE4IMv9oN6JX9RnxzL\/LRcOgnHigxStSGPKsZYtnz8RWNVT\/rOLAibqiWJadC5MYHRbekF3eg6FOGrQGkXYbsn0+a5aovnlLCbLwIqY9fcS17UX8J235iQ6cdmHNbrPeS84CMm34RA==&affiliate_id=1052423&strip_google_tagmanager=true\" loading=\"lazy\" data-with-title=\"true\" class=\"fiverr_nga_frame\" frameborder=\"0\" height=\"350\" width=\"100%\" referrerpolicy=\"no-referrer-when-downgrade\" data-mode=\"random_gigs\" onload=\" var frame = this; var script = document.createElement('script'); script.addEventListener('load', function() { window.FW_SDK.register(frame); }); script.setAttribute('src', 'https:\/\/www.fiverr.com\/gig_widgets\/sdk'); document.body.appendChild(script); \" ><\/iframe>\n<br \/><a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2025\/07\/26\/microsoft_sharepoint_attacks_leak\/\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Every week after Microsoft informed the world that its July software program updates did not absolutely repair a few bugs, which allowed miscreants to take&#8230;<\/p>\n","protected":false},"author":1,"featured_media":87210,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-87209","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech-universe"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Blame a leak for Microsoft SharePoint attacks: researcher \u2022 The Register - mailinvest.blog<\/title>\n<meta name=\"description\" content=\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Blame a leak for Microsoft SharePoint attacks: researcher \u2022 The Register - mailinvest.blog\" \/>\n<meta property=\"og:description\" content=\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/\" \/>\n<meta property=\"og:site_name\" content=\"mailinvest.blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/freelanceracademic\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-07-26T12:40:39+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-07-26T12:41:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mailinvest.blog\/wp-content\/uploads\/2025\/07\/keeping_a_secret_photo_via_shutterstock.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"648\" \/>\n\t<meta property=\"og:image:height\" content=\"444\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin@mailinvest.blog\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin@mailinvest.blog\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2025\\\/07\\\/26\\\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2025\\\/07\\\/26\\\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\\\/\"},\"author\":{\"name\":\"admin@mailinvest.blog\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/person\\\/012701c4c204d4e4ebd34f926cfd31a4\"},\"headline\":\"Blame a leak for Microsoft SharePoint attacks: researcher \u2022 The Register\",\"datePublished\":\"2025-07-26T12:40:39+00:00\",\"dateModified\":\"2025-07-26T12:41:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2025\\\/07\\\/26\\\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\\\/\"},\"wordCount\":1022,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2025\\\/07\\\/26\\\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/keeping_a_secret_photo_via_shutterstock.jpg\",\"articleSection\":[\"Tech Universe\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2025\\\/07\\\/26\\\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2025\\\/07\\\/26\\\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\\\/\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2025\\\/07\\\/26\\\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\\\/\",\"name\":\"Blame a leak for Microsoft SharePoint attacks: researcher \u2022 The Register - mailinvest.blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2025\\\/07\\\/26\\\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2025\\\/07\\\/26\\\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/keeping_a_secret_photo_via_shutterstock.jpg\",\"datePublished\":\"2025-07-26T12:40:39+00:00\",\"dateModified\":\"2025-07-26T12:41:57+00:00\",\"description\":\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2025\\\/07\\\/26\\\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2025\\\/07\\\/26\\\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2025\\\/07\\\/26\\\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\\\/#primaryimage\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/keeping_a_secret_photo_via_shutterstock.jpg\",\"contentUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/keeping_a_secret_photo_via_shutterstock.jpg\",\"width\":648,\"height\":444},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2025\\\/07\\\/26\\\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/mailinvest.blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Blame a leak for Microsoft SharePoint attacks: researcher \u2022 The Register\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#website\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/\",\"name\":\"mailinvest.blog\",\"description\":\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis. mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\",\"publisher\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/mailinvest.blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#organization\",\"name\":\"mailinvest\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/default.png\",\"contentUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/default.png\",\"width\":1000,\"height\":1000,\"caption\":\"mailinvest\"},\"image\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/freelanceracademic\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/person\\\/012701c4c204d4e4ebd34f926cfd31a4\",\"name\":\"admin@mailinvest.blog\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g\",\"caption\":\"admin@mailinvest.blog\"},\"sameAs\":[\"https:\\\/\\\/mailinvest.blog\",\"admin@mailinvest.blog\"],\"url\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/author\\\/adminmailinvest-blog\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Blame a leak for Microsoft SharePoint attacks: researcher \u2022 The Register - mailinvest.blog","description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/","og_locale":"en_US","og_type":"article","og_title":"Blame a leak for Microsoft SharePoint attacks: researcher \u2022 The Register - mailinvest.blog","og_description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","og_url":"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/","og_site_name":"mailinvest.blog","article_publisher":"https:\/\/www.facebook.com\/freelanceracademic\/","article_published_time":"2025-07-26T12:40:39+00:00","article_modified_time":"2025-07-26T12:41:57+00:00","og_image":[{"width":648,"height":444,"url":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2025\/07\/keeping_a_secret_photo_via_shutterstock.jpg","type":"image\/jpeg"}],"author":"admin@mailinvest.blog","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin@mailinvest.blog","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/#article","isPartOf":{"@id":"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/"},"author":{"name":"admin@mailinvest.blog","@id":"https:\/\/mailinvest.blog\/#\/schema\/person\/012701c4c204d4e4ebd34f926cfd31a4"},"headline":"Blame a leak for Microsoft SharePoint attacks: researcher \u2022 The Register","datePublished":"2025-07-26T12:40:39+00:00","dateModified":"2025-07-26T12:41:57+00:00","mainEntityOfPage":{"@id":"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/"},"wordCount":1022,"commentCount":0,"publisher":{"@id":"https:\/\/mailinvest.blog\/#organization"},"image":{"@id":"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/#primaryimage"},"thumbnailUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2025\/07\/keeping_a_secret_photo_via_shutterstock.jpg","articleSection":["Tech Universe"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/","url":"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/","name":"Blame a leak for Microsoft SharePoint attacks: researcher \u2022 The Register - mailinvest.blog","isPartOf":{"@id":"https:\/\/mailinvest.blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/#primaryimage"},"image":{"@id":"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/#primaryimage"},"thumbnailUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2025\/07\/keeping_a_secret_photo_via_shutterstock.jpg","datePublished":"2025-07-26T12:40:39+00:00","dateModified":"2025-07-26T12:41:57+00:00","description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","breadcrumb":{"@id":"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/#primaryimage","url":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2025\/07\/keeping_a_secret_photo_via_shutterstock.jpg","contentUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2025\/07\/keeping_a_secret_photo_via_shutterstock.jpg","width":648,"height":444},{"@type":"BreadcrumbList","@id":"https:\/\/mailinvest.blog\/index.php\/2025\/07\/26\/blame-a-leak-for-microsoft-sharepoint-attacks-researcher-the-register\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mailinvest.blog\/"},{"@type":"ListItem","position":2,"name":"Blame a leak for Microsoft SharePoint attacks: researcher \u2022 The Register"}]},{"@type":"WebSite","@id":"https:\/\/mailinvest.blog\/#website","url":"https:\/\/mailinvest.blog\/","name":"mailinvest.blog","description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis. mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","publisher":{"@id":"https:\/\/mailinvest.blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mailinvest.blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mailinvest.blog\/#organization","name":"mailinvest","url":"https:\/\/mailinvest.blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mailinvest.blog\/#\/schema\/logo\/image\/","url":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/01\/default.png","contentUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/01\/default.png","width":1000,"height":1000,"caption":"mailinvest"},"image":{"@id":"https:\/\/mailinvest.blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/freelanceracademic\/"]},{"@type":"Person","@id":"https:\/\/mailinvest.blog\/#\/schema\/person\/012701c4c204d4e4ebd34f926cfd31a4","name":"admin@mailinvest.blog","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g","caption":"admin@mailinvest.blog"},"sameAs":["https:\/\/mailinvest.blog","admin@mailinvest.blog"],"url":"https:\/\/mailinvest.blog\/index.php\/author\/adminmailinvest-blog\/"}]}},"_links":{"self":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts\/87209","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/comments?post=87209"}],"version-history":[{"count":1,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts\/87209\/revisions"}],"predecessor-version":[{"id":87211,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts\/87209\/revisions\/87211"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/media\/87210"}],"wp:attachment":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/media?parent=87209"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/categories?post=87209"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/tags?post=87209"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}