Canadian House of Commons Breach Tied to Microsoft SharePoint Zero-Day

On August 8th, 2025, hackers breached the Canadian House of Commons by exploiting a critical Microsoft SharePoint zero-day vulnerability—CVE-2025-53770—with a severity score of 9.8. The attack compromised a database containing sensitive employee information, including names, job titles, office locations, email addresses, and technical details about House-managed computers and mobile devices. While investigators from the Communications Security Establishment and the Canadian Centre for Cyber Security have not confirmed the identity of the attackers, the breach bears striking similarities to recent campaigns by Salt Typhoon—also known as Storm-2603—a Chinese state-linked APT group notorious for exploiting SharePoint flaws to infiltrate high-value targets.This intrusion underscores the growing risk Canada faces from both state-sponsored actors and profit-driven cybercriminals. In recent years, Canadian organizations have suffered a surge of high-profile cyber incidents, from WestJet and Air Canada to Nova Scotia Power and Suncor Energy. The stolen House of Commons data could be weaponized for spear-phishing, impersonation, and targeted social engineering attacks against government officials and staff. Experts warn that the breach’s timing—shortly after Microsoft’s public disclosure of active in-the-wild exploitation—highlights the speed at which threat actors move to capitalize on newly revealed vulnerabilities.CVE-2025-53770, a deserialization of untrusted data flaw, enables remote code execution across SharePoint environments, granting attackers deep access to sensitive content and configurations. While Microsoft has been working on a comprehensive fix after an earlier partial patch failed, the incident shows how quickly unpatched zero-days can become a national security issue. Security professionals urge immediate patching, rigorous device monitoring, clear verification protocols, and proactive adversary emulation to prepare for similar attacks.Canada’s latest parliamentary breach is not an isolated event—it’s a warning. As Chinese cyber operations grow bolder and more sophisticated, and as ransomware gangs target government entities with alarming frequency, defending against these threats will require constant vigilance, rapid patch management, and a stronger culture of security awareness within public institutions.#CanadaCyberattack #HouseofCommons #CVE202553770 #MicrosoftSharePoint #ZeroDay #SaltTyphoon #Storm2603 #ChineseAPT #Cybersecurity #DataBreach #Phishing #StateSponsoredAttacks #CanadianParliament #CyberThreatLandscape #NationalSecurity