Chinese state-backed hackers exploited flaws in Microsoft SharePoint, breaching over 60 organizations, including key U.S. agencies like the National Nuclear Security Administration. The attacks, linked to groups Linen Typhoon, Violet Typhoon, and Storm-2603, primarily targeted on-premise users, according to Sujita Sinha of Interesting Engineering. Despite patches, hackers maintained access and stole credentials, raising concerns about Microsoft’s security. A new patch has been issued. Sinha writes:

Microsoft has issued a critical warning about Chinese state-backed hackers exploiting security flaws in its SharePoint software.

These vulnerabilities have been used to compromise a growing list of government agencies and private organizations worldwide, including the US National Nuclear Security Administration (NNSA).

In a detailed blog post, Microsoft identified three hacking groups with ties to China. The groups, known as Linen Typhoon, Violet Typhoon, and Storm-2603, are believed to have taken advantage of SharePoint weaknesses that mainly affect customers who operate the software on their internal servers rather than through Microsoft’s cloud-based services.

Read more here.

Also read, China’s Cyber Army Targets Taiwan’s Chip Industry and US National Guard.