Threat actors exploit SharePoint flaws to access internal systems, steal sensitive data, and carry out surveillance, impersonation, and extortion.

A cyber-espionage campaign centered on vulnerable versions of Microsoft's server software now involves the deployment of ransomware, Microsoft said in a late Wednesday blog post.

Microsoft blamed two Chinese nation-state actors for exploiting recently discovered security flaws in SharePoint to infiltrate vulnerable organizations, like schools, state governments, and the U.S. government’s top nuclear security agency.

Multiple hacking groups—including state actors from China—have targeted a vulnerability in older, on-premises versions of the file-sharing tool after a flawed attempt to patch it.

The zero-day vulnerability — which was first disclosed late Saturday — has been exploited by several Chinese state-aligned groups, according to Microsoft.

A series of cyberattacks targeting Microsoft collaboration software, specifically SharePoint, have been linked to Chinese hackers and threat actors.

Microsoft Corp. advirtió que piratas informáticos están atacando activamente a los clientes de su software de gestión de documentos SharePoint, y los investigadores de seguridad han señalado el riesgo de que se produzcan violaciones de seguridad a gran escala en todo el mundo.

Several organisations in South Africa have fallen victim to a global cyberattack that exploited a vulnerability in Microsoft Corp.’s SharePoint servers. ・A global cyberattack has targeted Microsoft SharePoint server vulnerabilities,