Chinese hackers used code flaw to steal emails from government agencies

Microsoft says that hackers used a flaw in its code to steal emails from government agencies and other clients.
In a blog post published on Friday, the company said that Chinese hackers were able to take advantage of “a validation error in Microsoft code” to carry out their cyberespionage campaign.
The blog provided the most fulsome explanation yet for a hack that rattled both the cybersecurity industry and China-U.S. relations. Beijing has denied any involvement in the spying.
Microsoft and U.S. officials said on Wednesday night that Chinese state-linked hackers had been secretly since May accessing email accounts at around 25 organizations. U.S. officials said those included at least two U.S. government agencies.
Microsoft has not identified any of the hack’s targets but several victims have acknowledged they were affected, including personnel at the State Department, the Commerce Department, and the U.S. House of Representatives.