Hackers in recent weeks have exploited flaws in SharePoint, a document management system developed by Microsoft Corp., to try to steal sensitive data from hundreds of victims.

Microsoft is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to exploit flaws in its SharePoint service before they were patched, Bloomberg News reported on Friday.

Threat actors exploit SharePoint flaws to access internal systems, steal sensitive data, and carry out surveillance, impersonation, and extortion.

Chinese hackers breached the U.S. National Nuclear Security Administration through Microsoft SharePoint, with the Energy Department confirming no sensitive information was stolen.

Wagenius was an active-duty US soldier stationed at bases in South Korea and Texas. In 2024, he helped hack telecom companies and obtained call record data on Donald Trump and Kamala Harris, which he posted in November under the "kiberphant0m" name.

The company said state-backed hacking groups were breaching systems through flaws in SharePoint, which is used by the U.S. government and companies around the world.

Bleach maker Clorox said Tuesday that it has sued information technology provider Cognizant over a devastating 2023 cyberattack, alleging the hackers gained access by asking the tech company's staff for its employees' passwords.

Christina Chapman, a 50-year-old Arizona woman, has just been sentenced to 102 months in prison for helping North Korean hackers steal US identities in order to get "remote" IT jobs with more than 300 American companies, including Nike. The scheme funneled millions of dollars to the North Korean state.

New malware campaign hijacks YouTube and Discord to lure users into installing info-stealing payloads like RedLine and Lumma.