Microsoft Corp accused Chinese hackers of exploiting vulnerabilities in its SharePoint software that have led to breaches worldwide in recent days.
Two Chinese nation-state actors have been exploiting these vulnerabilities in SharePoint, Microsoft said in a blog Tuesday. The flaws were discovered in instances of the software installed on customer servers rather than in the cloud, the company said.
Governments, businesses and other organisations across the globe have been breached because of the vulnerabilities, leading to the theft of sensitive information, Bloomberg reported Tuesday. Microsoft has released a patch and recommended that customers take additional security steps.
The two known threat actors identified by Microsoft, Linen Typhoon and Violet Typhoon, have been active since the mid-2010s, the company said. In the past, they have focused on stealing intellectual property and espionage. Microsoft said a third threat actor also appears to be based in China, though the company hasn’t assessed its motive.
