The zero-day vulnerability — which was first disclosed late Saturday — has been exploited by several Chinese state-aligned groups, according to Microsoft.

Over 100 organizations were hacked via a SharePoint flaw. Governments and businesses targeted in a major Microsoft server breach.

STORY: A sweeping cyber espionage operation took aim at Microsoft’s SharePoint servers, and compromised about 100 different organizations.That’s according to two of the firms that helped uncover the attack.

Microsoft also has issued a patch for a related SharePoint vulnerability — CVE-2025-53771; Microsoft says there are no signs of active attacks on CVE-2025-53771, and that the patch is to provide more robust protections than the update for CVE-2025-49706.

New estimates regarding the recently-exploited Microsoft SharePoint vulnerabilities now evaluate that as many as 400 organizations may have been targeted.

Microsoft has issued a stark warning about a recent cyberattack targeting critical infrastructure, including the U.S. National Nuclear Security Administration (NNSA), exposing vulnerabilities in its SharePoint software.

A sweeping cyber espionage operation targeting Microsoft server software compromised about 100 organizations as of the weekend, two of the organizations that helped uncover the campaign said.