Hackers sponsored by the Chinese state have breached a number of U.S. government institutions, including the agency responsible for overseeing the security of America’s nuclear arsenal, Microsoft warned.

Microsoft has warned that Chinese state-sponsored hackers have breached its SharePoint software used by the US agency responsible for maintaining and modernizing the nation’s stockpile of nuclear weapons, according to a report.

A July 8 fix for a critical SharePoint zero-day failed to stop active exploitation, enabling state-backed attackers to breach nearly 100 organizations worldwide.

A China-linked threat actor has been observed exploiting SharePoint servers to deliver ransomware, according to Microsoft researchers, in the latest sign of worsening attacks against on-premises SharePoint Server customers.

The move comes after a ProPublica report highlighted a Microsoft program that allows foreign engineers to indirectly interact with U.S. military systems through American “escort” intermediaries.

A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks targeting the recently patched ToolShell zero-day exploit chain.

Chinese workers are accompanied by US citizens functioning as 'digital escorts,' but the practice functions 'with little review,' according to a ProPublica investigation.

US President Donald Trump urged tech giants to halt overseas hiring, emphasising job creation at home during an AI Summit. He criticised companies like Google and Microsoft for outsourcing and unveiled new executive orders aimed at reshaping AI infrastructure.

After a ProPublica investigation raised security concerns, Microsoft will cease using China-based engineers for work on sensitive Pentagon cloud computing systems.

The Chinese government has warned against using cyber security issues to defame the country, following the hacker attacks on Microsoft software. Foreign Ministry spokesman Guo Jiakun said in Beijing on Wednesday that he was not aware of the exact circumstances of the attacks.

A series of cyberattacks targeting Microsoft collaboration software, specifically SharePoint, have been linked to Chinese hackers and threat actors.