CNBC’s Jim Cramer said Monday that a pair of cybersecurity stocks are “big winners” following a cyberattack on Microsoft’s SharePoint software. Speaking on “Squawk on the Street,” Cramer identified both CrowdStrike and Palo Alto Networks as stocks to buy in light of the Microsoft incident that surfaced over the weekend. The software vulnerability enabled hackers to launch a major attack on U.S. government agencies and universities, among other parties, The Washington Post reported . “All I can tell you is the feedback is these companies have another wave of calls .. that then become clients, so you buy these,” Cramer said shortly before Monday’s opening bell. “You buy these aggressively because people did not know, once again, the vulnerabilities and you can’t figure it out yourself.” Plenty of investors are doing just that, with shares of Palo Alto Networks up around 3% Monday and CrowdStrike adding more than 1%. Microsoft’s stock was relatively flat in the session. Cramer’s Charitable Trust, the portfolio used by the CNBC Investing Club, owns a stake in all three companies. In a security alert on Saturday, Microsoft acknowledged the attack and said it only affected versions of SharePoint that companies run using on-premise servers, not the cloud-based version of the collaboration software. Still, thousands of organizations are exposed to the risk. Microsoft has released security updates for two versions of the SharePoint software. However, as of this writing, an update for the 2016 version is not available yet, according to Microsoft’s website . The cyberattack is being described as a “zero-day attack” because it exploited a previously unknown flaw, allowing attackers to gain full access to SharePoint servers, enabling them to read, manipulate or delete content. When major security incidents occur, “what happens is you don’t know who to call so call Nikesh Arora, [the CEO of] Palo Alto. You call George Kurtz [of CrowdStrike]. You say, ‘Help me,” Cramer said. “Microsoft is frantically trying to do a patch. These guys are frantically getting customers,” Cramer added. The Microsoft attack underscores the growing security risks faced by organizations — and that’s precisely why Cramer believes cybersecurity companies are an essential part of investors’ portfolios. He believes CrowdStrike and Palo Alto are the best two around. CrowdStrike’s Falcon platform leverages machine learning and behavioral analysis to detect threats, while Palo Alto Networks has comprehensive endpoint and network security through a host of products that monitor and block suspicious behavior. CrowdStrike is up over 40% year to date while Palo Alto is up more than 10% over the same period, both outperforming the S & P 500’s more than 7% rise in 2025. (Jim Cramer’s Charitable Trust is long CRWD, PANW and MSFT. See here for a full list of the stocks.) As a subscriber to the CNBC Investing Club with Jim Cramer, you will receive a trade alert before Jim makes a trade. Jim waits 45 minutes after sending a trade alert before buying or selling a stock in his charitable trust’s portfolio. If Jim has talked about a stock on CNBC TV, he waits 72 hours after issuing the trade alert before executing the trade. THE ABOVE INVESTING CLUB INFORMATION IS SUBJECT TO OUR TERMS AND CONDITIONS AND PRIVACY POLICY , TOGETHER WITH OUR DISCLAIMER . NO FIDUCIARY OBLIGATION OR DUTY EXISTS, OR IS CREATED, BY VIRTUE OF YOUR RECEIPT OF ANY INFORMATION PROVIDED IN CONNECTION WITH THE INVESTING CLUB. NO SPECIFIC OUTCOME OR PROFIT IS GUARANTEED.
