Security researchers say Microsoft customers should take immediate action to defend against the ongoing cyberattacks, and must assume they have already been compromised.

In an alert issued on Saturday, Microsoft said the vulnerabilities apply only to SharePoint servers used within organizations. It said that SharePoint Online in Microsoft 365, which is in the cloud, was not hit by the attacks.

Unknown threat actors are using a weaponised version of an exploit showcased at Pwn2Own Berlin in May to target SharePoint servers around the world.

Microsoft has alerted organizations about active attacks exploiting a vulnerability in SharePoint servers, impacting over 10,000 on-premise installations, including those at businesses and government agencies.

Microsoft Corp.’s server software is under attack from unidentified hackers, with cybersecurity analysts warning of widespread security breaches across the globe.The Redmond, Washington-based software maker said it had released a new security patch for customers to apply to their SharePoint servers “to mitigate active attacks targeting on-premises servers,