Microsoft is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to exploit flaws in its SharePoint service before they were patched, Bloomberg News reported on Friday.

Microsoft blamed two Chinese nation-state actors for exploiting recently discovered security flaws in SharePoint to infiltrate vulnerable organizations, like schools, state governments, and the U.S. government’s top nuclear security agency.

Hackers have breached about 400 government agencies, corporations and other groups, according to estimates from Eye Security.

The Department of Energy, which oversees the agency that manages the US nuclear weapons stockpile, confirms it was affected by the SharePoint bug, but says it was 'minimally impacted.'

Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.

A series of cyberattacks targeting Microsoft collaboration software, specifically SharePoint, have been linked to Chinese hackers and threat actors.

The newly discovered flaw in Microsoft's SharePoint software has allowed hackers to target dozens of companies and organizations. Only a partial fix has been issued.

Microsoft Corp. advirtió que piratas informáticos están atacando activamente a los clientes de su software de gestión de documentos SharePoint, y los investigadores de seguridad han señalado el riesgo de que se produzcan violaciones de seguridad a gran escala en todo el mundo.