Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

Check Point Research observed first exploitation attempts targeting an unnamed major Western government. The activity intensified on July 18 and 19, spanning government, telecommunications, and software. The vulnerability has been under exploitation as early as July 7, 2025.