A series of cyberattacks targeting Microsoft collaboration software, specifically SharePoint, have been linked to Chinese hackers and threat actors.

The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The researcher said he picked the name because it exploited ToolPane.aspx, a component for assembling the side panel view in the SharePoint user interface.

At least 54 organizations have been breached in the attacks. Some of the attacks that targeted organizations using an exploit in Microsoft’s SharePoint server platform over the last few days have been linked to hacking groups affiliated with the Chinese government, according to a new Microsoft security blog.

US DOE among breached government agencies More than 400 organizations have been compromised in the Microsoft SharePoint attack, according to Eye Security, which initially sounded the alarm on the mass exploitation last Friday,

One of the hacked organizations reportedly includes the U.S. agency responsible for maintaining the country's stockpile of nuclear weapons. China-backed hackers have been observed carrying out the hacks targeting SharePoint servers.

A new vulnerability dubbed ToolShell is being used to compromise on-premise instances of Microsoft SharePoint servers. Attacks have ranged from highly targeted to opportunistic based on the value of the company operating the server.