DiscoverShared Security PodcastLeaked, Patched, and Still Hacked: The SharePoint Zero-Day Crisis
Leaked, Patched, and Still Hacked: The SharePoint Zero-Day Crisis

Leaked, Patched, and Still Hacked: The SharePoint Zero-Day Crisis

Update: 2025-08-04
Share

Description

This week we explore the recent Microsoft SharePoint vulnerability that has led to widespread exploitation by ransomware gangs and Chinese State-sponsored hackers. We also cover the confirmed compromise of multiple US agencies, including the Department of Homeland Security, in a large-scale cyber espionage campaign. Kevin Johnson joins to discuss the implications of these events, the underlying issues with patching systems, and the complexities of protecting applications like SharePoint. Stay informed on the latest cybersecurity developments and get insights on what might have gone wrong. Plus, get a peek at what’s happening at Black Hat and DEF CON in Vegas.


** Links mentioned on the show **


DHS, HHS among agencies hacked in Microsoft Sharepoint breach

https://www.yahoo.com/news/articles/dhs-hhs-among-agencies-hacked-151648112.html


Blame a leak for Microsoft SharePoint attacks, researcher insists

https://www.theregister.com/2025/07/26/microsoft_sharepoint_attacks_leak/










** Watch this episode on YouTube **


https://youtu.be/klI0XmrNxC0


** Become a Shared Security Supporter **


Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity


** Thank you to our sponsors! **


SLNT


Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”.


Click Armor


To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity


** Subscribe and follow the podcast **


Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast


Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social


Follow us on Mastodon: https://infosec.exchange/@sharedsecurity


Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/


Visit our website: https://sharedsecurity.net


Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe


Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe


Leave us a rating and review: https://ratethispodcast.com/sharedsecurity


Contact us: https://sharedsecurity.net/contact



The post Leaked, Patched, and Still Hacked: The SharePoint Zero-Day Crisis appeared first on Shared Security Podcast.

Comments 
In Channel
loading
00:00
00:00
x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

Leaked, Patched, and Still Hacked: The SharePoint Zero-Day Crisis

Leaked, Patched, and Still Hacked: The SharePoint Zero-Day Crisis

Tom Eston, Kevin Johnson