Federal cybersecurity officials have issued a warning to Microsoft users about a security flaw allowing hackers to access to certain SharePoint systems.

Ransomware has officially entered the Microsoft SharePoint exploitation ring. Late Wednesday, in an update to its earlier warning, Redmond confirmed that a threat group it tracks as Storm-2603 is abusing vulnerable on-premises SharePoint servers to deploy ransomware.

The attacks appear to have escalated because Microsoft released incomplete patches for the initial vulnerabilities, according to Benjamin Harris, CEO of watchTowr. After researche

The attacks, discovered over the weekend, exploit a previously unknown vulnerability in the document-sharing software, prompting immediate action from both Microsoft and federal investigators. Newsweek reached out to Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) via email for comment.

Security researchers say Microsoft customers should take immediate action to defend against the ongoing cyberattacks, and must assume they have already been compromised.

It issued an alert about “active attacks” targeting its server software and urged customers to install new security updates that have been released.

Microsoft warned of "active attacks" targeting some users of its SharePoint software over the weekend and released an emergency patch that fixes only some versions of the vulnerable server software. Why it matters: It remains unclear how many businesses were already hacked prior to Microsoft's warning,

A series of cyberattacks targeting Microsoft collaboration software, specifically SharePoint, have been linked to Chinese hackers and threat actors.