Chinese Hackers Breach Microsoft SharePoint, Target Hundreds Globally

Chinese state-sponsored hacking groups, including Linen Typhoon, Violet Typhoon, and Storm-2603, have exploited vulnerabilities in Microsoft's SharePoint software to infiltrate hundreds of organizations worldwide, including U.S. government agencies such as the nuclear weapons agency. These attacks targeted on-premises SharePoint servers, allowing hackers to retrieve credentials and gain full access, while cloud-based SharePoint was not affected. Microsoft quickly released patches, but hackers bypassed them, highlighting the ongoing challenges in cybersecurity despite Microsoft prioritizing security. The U.S. Cybersecurity and Infrastructure Security Agency has been coordinating with Microsoft and other defense entities to respond and notify critical infrastructure organizations. The hackers have a history of intellectual property theft and espionage, and investigations into other threat actors exploiting these vulnerabilities continue. Microsoft emphasized that the attack targets its customers rather than Microsoft itself, underscoring the risks faced by users of widely deployed software platforms.