Microsoft SharePoint Hackers Switch Gears to Spread Ransomware
7 Articles
7 Articles
SharePoint flaws exploited in Warlock ransomware attacks | #ransomware | #cybercrime - National Cyber Security Consulting
A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks targeting the recently patched ToolShell zero-day exploit chain. Non-profit security organization Shadowserver is currently tracking over 420 SharePoint servers that are exposed online and remain vulnerable to these ongoing attacks. "Although Microsoft has observed this threat actor deploying Warlock and Lockbit ransomware…
Microsoft SharePoint Hackers Switch Gears to Spread Ransomware
Threat actors exploit SharePoint flaws to access internal systems, steal sensitive data, and carry out surveillance, impersonation, and extortion. This article has been indexed from Security | TechRepublic Read the original article: Microsoft SharePoint Hackers Switch Gears to Spread Ransomware Read more → The post Microsoft SharePoint Hackers Switch Gears to Spread Ransomware appeared first on IT Security News.
U.S. nuclear and health agencies hit in Microsoft SharePoint breach
(Washington Post) – Victims of the recent global hacking campaign include the National Institutes of Health and the National Nuclear Security Administration, officials said. The National Institutes of Health and the federal agency responsible for securing the nation’s nuclear weapons were among the victims in a global breach of Microsoft server software over the weekend, according to officials at the agencies. The incident at NIH, which has not …
Microsoft once again warns of a new, highly critical security incident in its own business and government offerings: Two zero-day gaps in SharePoint Server are currently actively exploited by state-supported hacker groups, including US authorities such as the National Nuclear Security Administration (NNSA), universities and energy companies. Even an Asian telecommunications provider is expected to be affected. A total of over 50 organizations ar…
SharePoint ToolShell vulnerabilities stem from incomplete fix
Kaspersky’s Global Research and Analysis Team (GReAT) reveals that the recently exploited ToolShell vulnerabilities in Microsoft SharePoint originate from an incomplete fix for CVE-2020-1147, first reported in 2020. The SharePoint vulnerabilities have emerged as a major cybersecurity threat this year amid active exploitation. Kaspersky Security Network showed exploitation attempts worldwide, including in Egypt, Jordan, Russia, Vietnam and Zambia…
Germany was the first country in which the IT security manufacturer ESET registered a targeted attack on Microsoft SharePoint servers with a previously unknown vulnerability. The attack on July 17, 2025 is considered the starting point of an internationally escalating campaign in which cybercriminals - including state-supported hackers from China - access to previously unpatched systems.
Coverage Details
Bias Distribution
- There is no tracked Bias information for the sources covering this story.
Factuality
To view factuality data please Upgrade to Premium