Threat actors exploit SharePoint flaws to access internal systems, steal sensitive data, and carry out surveillance, impersonation, and extortion.

In a blog post Tuesday, Microsoft said it observed hackers attempting to “gain initial access to target organizations.” According to Microsoft, those involved included hacking groups called Linen Typhoon and Violet Typhoon—which Microsoft said are linked to the Chinese government—and China-based group Storm-2603.

Microsoft confirms Chinese hackers exploited a SharePoint flaw; Patches now available. Cloud-based Microsoft 365 not affected.

A China-linked threat actor has been observed exploiting SharePoint servers to deliver ransomware, according to Microsoft researchers, in the latest sign of worsening attacks against on-premises SharePoint Server customers.

Microsoft has warned that Chinese state-sponsored hackers have breached its SharePoint software used by the US agency responsible for maintaining and modernizing the nation’s stockpile of nuclear weapons, according to a report.

A series of cyberattacks targeting Microsoft collaboration software, specifically SharePoint, have been linked to Chinese hackers and threat actors.