AT2k Design BBS Message Area
Casually read the BBS message area using an easy to use interface. Messages are categorized exactly like they are on the BBS. You may post new messages or reply to existing messages!

You are not logged in. Login here for full access privileges.

Previous Message | Next Message | Back to Slashdot  <--  <--- Return to Home Page
   Local Database  Slashdot   [10 / 105] RSS
 From   To   Subject   Date/Time 
Message   VRSS    All   Foreign Hackers Breached a US Nuclear Weapons Plant Via SharePoi   October 20, 2025
 8:00 PM   

Feed: Slashdot
Feed Link: https://slashdot.org/
---

Title: Foreign Hackers Breached a US Nuclear Weapons Plant Via SharePoint
Flaws

Link: https://it.slashdot.org/story/25/10/20/213923...

Foreign hackers breached the National Nuclear Security Administration's
Kansas City National Security Campus (KCNSC) by exploiting unpatched
Microsoft SharePoint vulnerabilities. The intrusion happened in August and is
possibly linked to either Chinese state actors or Russian cybercriminals. CSO
Online notes that "roughly 80% of the non-nuclear parts in the nation's
nuclear stockpile originate from KCNSC," making it "one of the most sensitive
facilities in the federal weapons complex." From the report: The breach
targeted a plant that produces the vast majority of critical non-nuclear
components for US nuclear weapons under the NNSA, a semi-autonomous agency
within the Department of Energy (DOE) that oversees the design, production,
and maintenance of the nation's nuclear weapons. Honeywell Federal
Manufacturing & Technologies (FM&T) manages the Kansas City campus
under contract to the NNSA. [...] The attackers exploited two recently
disclosed Microsoft SharePoint vulnerabilities -- CVE-2025-53770, a spoofing
flaw, and CVE-2025-49704, a remote code execution (RCE) bug -- both affecting
on-premises servers. Microsoft issued fixes for the vulnerabilities on July
19. On July 22, the NNSA confirmed it was one of the organizations hit by
attacks enabled by the SharePoint flaws. "On Friday, July 18th, the
exploitation of a Microsoft SharePoint zero-day vulnerability began affecting
the Department of Energy," a DOE spokesperson said. However, the DOE
contended at the time, "The department was minimally impacted due to its
widespread use of the Microsoft M365 cloud and very capable cybersecurity
systems. A very small number of systems were impacted. All impacted systems
are being restored." By early August, federal responders, including personnel
from the NSA, were on-site at the Kansas City facility, the source tells CSO.

Read more of this story at Slashdot.

---
VRSS v2.1.180528
  Show ANSI Codes | Hide BBCodes | Show Color Codes | Hide Encoding | Hide HTML Tags | Show Routing
Previous Message | Next Message | Back to Slashdot  <--  <--- Return to Home Page
VADV-PHP
Execution Time: 0.0131 seconds

If you experience any problems with this website or need help, contact the webmaster.
VADV-PHP Copyright © 2002-2025 Steve Winn, Aspect Technologies. All Rights Reserved.
Virtual Advanced Copyright © 1995-1997 Roland De Graaf.
 v2.1.250224