Welcome to the TechMeme right home for Wednesday, July 23rd, 2025. I'm Brian McCalla today.

Don't sleep on that SharePoint exploit from earlier this week as it seems to have led to a ton of still active breaches.

Apple has a new insurance plan for you. Elon wants even more money for XAI.

The Chinese are still churning

ahead with their AI models and three different stories about AI and privacy. Here's what you

miss today in the world of tech. Probably need to update you on something important. Microsoft says

it, quote, has observed two

named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting the SharePoint

Zero Day vulnerabilities. Quoting, Bleeping Computer, we assess that at least one of the actors

responsible for this early exploitation is a Chinese nexus threat actor. It's critical to

understand that multiple actors are now actively exploiting this vulnerability. Charles Carmackold,

CTO of Google Cloud's Mandient Consulting, told Leaping Computer yesterday. Cybersecurity firm

Checkpoint also revealed on Monday that it discovered the first signs of exploitation on July

7th,

adding that the attackers targeted dozens of entities across the government, telecommunications,

and software sectors in North America and Western Europe.

Microsoft Patch the two flaws as part of the July Patch Tuesday updates used by

threat actors to compromise fully patched SharePoint servers.

Since then, it released emergency

patches for SharePoint subscription edition, SharePoint 2019, and SharePoint 2016 to address both

RCE flaws, end quote. And, uh, yeah, a source tells Bloomberg that the U.S. National

Nuclear Security Administration was among those breached by that hack. No sensitive information

...