Microsoft has issued warnings about ongoing widespread cyberattacks targeting its server software, particularly vulnerabilities in Microsoft SharePoint and Exchange servers. Over 400 organizations, including U.S. government agencies such as the U.S. Nuclear Weapons Agency and national laboratories like Fermilab, have been compromised. The attacks have been linked to China-based hacking groups, notably the state-sponsored group Silk Typhoon (also known as Hafnium), which exploited zero-day flaws to deploy ransomware strains including Warlock and LockBit Black. These groups have used sophisticated techniques such as hijacking legitimate tools, faking Microsoft domains, and disabling antivirus software with custom drivers. Microsoft recently patched two major SharePoint vulnerabilities, but experts warn the effects of these breaches could be long-lasting, with some attackers deploying ransomware.

Separately, a notorious Russian hacking group known as Secret Blizzard has been impersonating a cybersecurity firm and exploiting local internet service providers to spy on foreign embassies in Moscow using malware called ApolloShadow.

In response to the cyberattacks, China's Cyber Security Association accused U.S. agencies of exploiting Microsoft vulnerabilities to conduct cyberattacks on China's defense sector and steal military data, highlighting ongoing cyber tensions between the two nations.
🚨 China-linked hackers just deployed two ransomware strains—Warlock and LockBit Black—using a custom C2 framework called AK47 C2. They’re hijacking legit tools, faking Microsoft domains, and disabling antivirus with a Chinese driver. Details here → https://t.co/GvPPsuNRYp
A group of Russian hackers is impersonating a prominent cybersecurity services company to spy on embassies: https://t.co/DqPupkViOa
China accused the U.S. of exploiting a flaw in Microsoft's email servers to steal military data: https://t.co/BYfyl7M1EN