The US agency responsible for maintaining and designing the nation’s cache of nuclear weapons was among those breached by a hack of Microsoft Corp.’s SharePoint document management software, according to a person with knowledge of the matter.

Microsoft recently patched two major flaws in SharePoint on-prem instances, but the effects could be long-lasting.

In May, Vietnamese cybersecurity researcher Dinh Ho Anh Khoa uncovered a vulnerability in Microsoft Corp.’s document management software, SharePoint, at an event designed to encourage ethical hacking that makes our technology more robust.

Hackers are exploiting a flaw in a commonly used Microsoft program to gain access to passwords, sensitive data and more.

Last year, the Department of Homeland Security released a scathing report detailing Microsoft’s mistakes during a 2023 hack in which China stole thousands of emails from top government officials. Two years before that, China-linked cyberattackers compromised more than 250,000 Microsoft Exchange servers.

Hackers in recent weeks have exploited flaws in SharePoint, a document management system developed by Microsoft Corp., to try to steal sensitive data from hundreds of victims.

A significant flaw in a widely used Microsoft product allowed multiple Chinese-linked hacking groups to breach dozens of organizations across the globe and at least two U.S. federal agencies.