New estimates regarding the recently-exploited Microsoft SharePoint vulnerabilities now evaluate that as many as 400 organizations may have been targeted.

Federal cybersecurity officials have issued a warning to Microsoft users about a security flaw allowing hackers to access to certain SharePoint systems.

Threat actors exploit SharePoint flaws to access internal systems, steal sensitive data, and carry out surveillance, impersonation, and extortion.

Microsoft warns of hackers exploiting SharePoint vulnerabilities to breach critical organizations, including U.S. nuclear security.

The attacks, discovered over the weekend, exploit a previously unknown vulnerability in the document-sharing software, prompting immediate action from both Microsoft and federal investigators. Newsweek reached out to Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) via email for comment.

It issued an alert about “active attacks” targeting its server software and urged customers to install new security updates that have been released.

Hackers are exploiting a flaw in a commonly used Microsoft program to gain access to passwords, sensitive data and more.