The U.S. National Nuclear Security Administration (NNSA), the agency overseeing America’s nuclear arsenal, was among several organisations affected by a recent cyberattack that exploited a vulnerability in Microsoft’s SharePoint server software. The incident forms part of a wider campaign that has impacted both government and private-sector systems globally.
According to Bloomberg News, the breach targeted document-sharing infrastructure used internally across federal networks. While no classified data is believed to have been accessed, the exposure of the NNSA signals the severity and potential reach of the attack. Microsoft confirmed the vulnerability last week, warning that attackers had launched a zero-day campaign affecting on-premise SharePoint servers.
The flaw allowed attackers to spoof internal identities, gain elevated access, and potentially extract sensitive files. While the specific perpetrators have not been publicly identified, U.S. federal agencies have acknowledged the compromise and are coordinating a response with Microsoft, the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense.
Critical infrastructure resilience under scrutiny after high-level breach
The breach has reignited concerns about the digital security of critical infrastructure and national defence systems. Although SharePoint Online users in the Microsoft 365 cloud ecosystem were not affected, the incident highlights the risks of legacy, on-premise deployments—many of which remain in use across federal departments.
The FBI is working closely with other agencies to investigate the intrusion and assess the extent of the damage. Cybersecurity experts say the breach underscores the urgency of modernising digital infrastructure and ensuring real-time threat detection even within closed networks.
This incident follows a string of attacks targeting enterprise collaboration platforms, adding pressure on both government entities and private firms to apply security patches immediately and reassess their cyber hygiene protocols in the face of increasingly sophisticated threats.
