Microsoft has reported that Chinese-backed hackers have been exploiting vulnerabilities in SharePoint to target global entities.

Microsoft Corp. (MSFT) shares have displayed an interesting pattern on Stocktwits–the stock has gained over 19% in value since May, but retail sentiment has been trending downward during this period. 

During this period, the retail sentiment reading on Stocktwits has more than halved, from 95 to 46.

The software giant announced on Tuesday that hackers backed by the Chinese government have been exploiting security gaps in its SharePoint software to conduct cyberattacks.

The company, in a blog, has flagged active cyberattacks targeting on-premises SharePoint Server environments after identifying a series of zero-day vulnerabilities affecting widely used server versions.

The flaws enable attackers to spoof authentication, execute code remotely, and bypass security. 

Following the announcement, Microsoft stock inched 0.7% lower on Tuesday Afternoon.

On Stocktwits, retail sentiment towards the stock shifted to ‘bearish’ from’neutral’ territory the previous day, while message volume jumped to ‘high’ from ‘normal’ levels in 24 hours. 

MSFT’s Sentiment Meter and Message Volume as of 12.45 p.m. ET on July 22, 2025 | Source: Stocktwits

Message count saw a 165% surge in the last 24 hours. 

A user believes the stock is overbought.

However, another user said the impact was minimal.

Microsoft stated that it has observed sustained exploitation since early July, notably by Chinese-linked groups, including Linen Typhoon, Violet Typhoon, and Storm‑2603. 

These attackers are believed to actively exploit publicly accessible SharePoint servers using a multi-stage attack known as “ToolShell.”

The attack begins with malicious POST requests that bypass authentication, permitting attackers to drop web shells into server directories. 

Companies, educational institutions, and government agencies in the U.S., Europe, and Asia are at risk. Security researchers have confirmed dozens of breaches, with potentially thousands of vulnerable servers still exposed.

As investigations continue, organizations running on-premises SharePoint servers face an urgent race to secure their infrastructure before further exploitation occurs.

According to a Bloomberg report, recent security breaches have reignited concerns over Microsoft’s ability to strengthen its cybersecurity defenses following multiple major incidents. 

Microsoft’s technology has faced repeated large-scale cyberattacks in recent years, and a 2024 U.S. government review criticized its internal security practices, calling for significant and immediate changes.

Microsoft stock has gained over 20% year-to-date and over 14% in the last 12 months.

For updates and corrections, email newsroom[at]stocktwits[dot]com.<