Microsoft is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to exploit flaws in its SharePoint service before they were patched, Bloomberg News reported on Friday.

Microsoft blamed two Chinese nation-state actors for exploiting recently discovered security flaws in SharePoint to infiltrate vulnerable organizations, like schools, state governments, and the U.S. government’s top nuclear security agency.

The Department of Energy, which oversees the agency that manages the US nuclear weapons stockpile, confirms it was affected by the SharePoint bug, but says it was 'minimally impacted.'

Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.

A warning has been issued to Microsoft users detailing a cybersecurity flaw that allowed hackers to access its SharePoint servers, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced.

The newly discovered flaw in Microsoft's SharePoint software has allowed hackers to target dozens of companies and organizations. Only a partial fix has been issued.

A series of cyberattacks targeting Microsoft collaboration software, specifically SharePoint, have been linked to Chinese hackers and threat actors.

Microsoft Corp. advirtió que piratas informáticos están atacando activamente a los clientes de su software de gestión de documentos SharePoint, y los investigadores de seguridad han señalado el riesgo de que se produzcan violaciones de seguridad a gran escala en todo el mundo.