Hours after Microsoft revealed hacking groups affiliated with the Chinese government have been exploiting a flaw in its SharePoint software, Bloomberg News reports that the National Nuclear Security Administration has also been breached in the attacks.

The U.S. government agency that maintains and designs America's nuclear weapons was reportedly breached by attackers exploiting zero-day flaws in on-premises

More than 400 systems have been compromised so far in the widespread cyberattacks exploiting vulnerabilities in Microsoft SharePoint servers, according to researchers at Eye Security.

The SharePoint vulnerabilities that Microsoft released emergency patches for earlier this week – tracked as CVE-2025-53770 and CVE-2025-53771 – have been exploited much further than previously thought. As reported by Bloomberg, the number of companies and organizations affected by the two exploits has grown to more than 400 in just a few days.

Security experts at Google and Microsoft have discovered that Chinese government-backed hackers are exploiting a serious flaw, known as a zero-day vulnerability, in Microsoft SharePoint, a tool used by many companies to store and share documents internally.

Unknown threat actors have reportedly breached the National Nuclear Security Administration's (NNSA) network in attacks exploiting a recently patched Microsoft SharePoint zero-day vulnerability chain.