Microsoft software is once again under attack globally, the threat involves a browser-based security bypass, and unlike the recent Windows authentication relay attack vulnerability and so far, there is no patch or magic update to remedy it.

It is particularly bad news for users of Microsoft SharePoint Server, as CVE-2025-53770 is currently under confirmed “mass attack” and on-premises servers across the world are being compromised.

US federal and state agencies have been plunged into panic as some agencies, as well as state legislatures have reported problems with hacks targeting SharePoint servers.

A Washington post report reports private researchers have detected attempts to breach servers at universities, energy companies, and China, among other targets, in what has already been a challenging period for Microsoft’s cybersecurity.