Microsoft has officially linked the misuse of security vulnerabilities in internet-exposed SharePoint Server instances to two Chinese hacking organizations named Linen Typhoon and Violet Typhoon as early as July 7, 2025, confirming previous reports.
The technology behemoth stated that it has also detected a third China-based threat entity, which it refers to as Storm-2603, utilizing these vulnerabilities as well to gain initial access to