Threat actors exploit SharePoint flaws to access internal systems, steal sensitive data, and carry out surveillance, impersonation, and extortion.

Multiple hacking groups—including state actors from China—have targeted a vulnerability in older, on-premises versions of the file-sharing tool after a flawed attempt to patch it.

A cyber-espionage campaign centered on vulnerable versions of Microsoft's server software now involves the deployment of ransomware, Microsoft said in a late Wednesday blog post.

The US agency responsible for maintaining and designing the nation’s cache of nuclear weapons was among those breached by a hack of Microsoft Corp.’s SharePoint document management software, according to a person with knowledge of the matter.

The hackers behind the initial wave of attacks exploiting a zero-day in Microsoft SharePoint servers have so far primarily targeted government organizations, according to researchers and news reports.

The zero-day vulnerability — which was first disclosed late Saturday — has been exploited by several Chinese state-aligned groups, according to Microsoft.

A series of cyberattacks targeting Microsoft collaboration software, specifically SharePoint, have been linked to Chinese hackers and threat actors.

Microsoft Corp. advirtió que piratas informáticos están atacando activamente a los clientes de su software de gestión de documentos SharePoint, y los investigadores de seguridad han señalado el riesgo de que se produzcan violaciones de seguridad a gran escala en todo el mundo.