It's not just data theft. A China-based hacking group is using a flaw in vulnerable SharePoint servers to deliver ransomware, Microsoft warns.

Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, we have observed another China-based threat actor,

Microsoft is issuing an emergency fix to close off a vulnerability in Microsoft’s SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies.

The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The researcher said he picked the name because it exploited ToolPane.aspx, a component for assembling the side panel view in the SharePoint user interface.

Microsoft contained a major SharePoint security flaw, amid fresh questions about the future of its legacy on-premises software.

The number of companies and organizations compromised by a security vulnerability in Microsoft Corp.’s SharePoint servers is increasing rapidly, with the tally of victims soaring more than six-fold in a few days,

A security patch Microsoft (MSFT.O), opens new tab released this month failed to fully fix a critical flaw in the U.S. tech giant's SharePoint server software, opening the door to a sweeping global cyber espionage effort,