Last year, the Department of Homeland Security released a scathing report detailing Microsoft’s mistakes during a 2023 hack in which China stole thousands of emails from top government officials. Two years before that, China-linked cyberattackers compromised more than 250,000 Microsoft Exchange servers.

Microsoft said in a post on its website on Saturday that it was “aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities.” SharePoint is a Microsoft platform that allows customers to manage and share documents within their organizations.

Microsoft warns of hackers exploiting SharePoint vulnerabilities to breach critical organizations, including U.S. nuclear security.

Microsoft has issued a stark warning about a recent cyberattack targeting critical infrastructure, including the U.S. National Nuclear Security Administration (NNSA), exposing vulnerabilities in its SharePoint software.

The zero-day vulnerability — which was first disclosed late Saturday — has been exploited by several Chinese state-aligned groups, according to Microsoft.

South Africa’s National Treasury is among at least 400 entities worldwide to be affected by a hack of Microsoft’s SharePoint document management system.

A warning has been issued to Microsoft users detailing a cybersecurity flaw that allowed hackers to access its SharePoint servers, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced.