Microsoft is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to exploit flaws in its SharePoint service before they were patched, Bloomberg News reported on Friday.

Microsoft has pointed the finger at three Chinese nation-state actors for exploiting the SharePoint vulnerabilities. Here's what we know about the security flaws and how to guard against future attacks.

Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code execution on SharePoint, resulting in the exploitation of at least 54 organizations worldwide.

A critical vulnerability in on-premise SharePoint servers allowed state-backed hackers to breach governments and institutions worldwide. Experts are questioning why more hasn't been done or said.

One of the hacked organizations reportedly includes the U.S. agency responsible for maintaining the country's stockpile of nuclear weapons. China-backed hackers have been observed carrying out the hacks targeting SharePoint servers.

Microsoft contained a major SharePoint security flaw, amid fresh questions about the future of its legacy on-premises software.

A security patch Microsoft (MSFT.O), opens new tab released this month failed to fully fix a critical flaw in the U.S. tech giant's SharePoint server software, opening the door to a sweeping global cyber espionage effort,

Microsoft Corp. said a Chinese hacking group is exploiting security vulnerabilities in the company’s SharePoint servers to deploy ransomware, following a cyberattack discovered last week that has affected hundreds of entities around the world.