The number of companies and organizations compromised by a security vulnerability in Microsoft’s SharePoint servers is increasing rapidly, including South Africa’s National Treasury.

Hackers exploited a zero-day vulnerability in Microsoft SharePoint servers, targeting US federal agencies and other entities.

Microsoft has issued a stark warning about a recent cyberattack targeting critical infrastructure, including the U.S. National Nuclear Security Administration (NNSA), exposing vulnerabilities in its SharePoint software.

Major cyberattacks in 2025 so far have included the Microsoft SharePoint Server “ToolShell” attacks, the ransomware attack against IT distributor Ingram Micro and a series of Scattered Spider attacks targeting numerous industries.

Microsoft warned users that hackers used a security flaw in its server software to attack government agencies and businesses around the world. The federal government, along with those in Canada and Australia, has launched an investigation into the hack that targeted SharePoint servers, The Washington Post reported.

Microsoft issued an emergency fix to close off a vulnerability in its SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies.

Several entities in South Africa have been compromised by hackers who exploited a security vulnerability in Microsoft’s SharePoint servers.

A security patch Microsoft (MSFT.O), opens new tab released this month failed to fully fix a critical flaw in the U.S. tech giant's SharePoint server software, opening the door to a sweeping global cyber espionage effort,