A sweeping cyberattack targeting Microsoft’s SharePoint software has compromised nearly 400 entities, including a key U.S. nuclear weapons agency, significantly expanding the known impact of the breach. According to a Bloomberg report citing Dutch cybersecurity firm Fox-IT, the victims include a wide range of government bodies, corporations, and organizations. Notably, the U.S. Department of Energy’s National Nuclear Security Administration (NNSA)—responsible for the design and maintenance of the country’s nuclear arsenal—was among those targeted in the attack.

In response, the Department of Energy confirmed that the breach stemmed from a zero-day vulnerability in Microsoft SharePoint that began to be exploited on July 18. However, the department emphasized that the impact was limited: "Only a small number of systems were affected, all of which are in the process of being fully restored,” it stated, citing its extensive use of Microsoft cloud services and robust security infrastructure.

(MBC News, July 24, 2025)