"A leak happened here somewhere," Dustin Childs, head of threat awareness at Trend Micro's Zero Day Initiative (ZDI), told The Register. "And now you've got a zero-day exploit in the wild, and worse than that, you've got a zero-day exploit in the wild that bypasses the patch, which came out the next day."

New estimates regarding the recently-exploited Microsoft SharePoint vulnerabilities now evaluate that as many as 400 organizations may have been targeted.

Department of Homeland Security headquarters, several of its agencies and the Department of Health and Human Services have been hacked as part of a wider breach of Microsoft SharePoint.​

Microsoft contained a major SharePoint security flaw, amid fresh questions about the future of its legacy on-premises software.

Federal cybersecurity officials have issued a warning to Microsoft users about a security flaw allowing hackers to access to certain SharePoint systems.

Victims of the recent global hacking campaign include the National Institutes of Health and the National Nuclear Security Administration, officials said.

Microsoft confirms Chinese hackers exploited a SharePoint flaw; Patches now available. Cloud-based Microsoft 365 not affected.

Microsoft has pointed the finger at three Chinese nation-state actors for exploiting the SharePoint vulnerabilities, accusing one group of carrying out ransomware attacks. Here's what we know about the security flaws and how to guard against future attacks.