Hackers have compromised multiple entities in South Africa through a critical vulnerability in Microsoft’s SharePoint servers, cybersecurity firm Eye Security has disclosed.

The breach is part of a broader cyberattack that has impacted around 400 organizations globally.

Eye Security, which identified the early wave of attacks, said the actual number of affected institutions may be significantly higher.

The most impacted countries include the United States, Mauritius, Jordan, South Africa, and the Netherlands.

In South Africa, the National Treasury confirmed that it had discovered malware on its network and has sought assistance from Microsoft.

However, it emphasized that its systems and websites remain operational.

The breach also affected high-profile U.S. institutions such as the National Nuclear Security Administration — which oversees the country’s nuclear weapons stockpile — and the National Institutes of Health.

Microsoft acknowledged the attacks in a blog post on Tuesday, attributing the intrusions to Chinese state-linked hackers who have been exploiting SharePoint vulnerabilities in recent weeks.