A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks targeting the recently patched ToolShell zero-day exploit chain.

Microsoft has pointed the finger at three Chinese nation-state actors for exploiting the SharePoint vulnerabilities, accusing one group of carrying out ransomware attacks. Here's what we know about ...

Ransomware has officially entered the Microsoft SharePoint exploitation ring. Late Wednesday, in an update to its earlier ...

Threat actors exploit SharePoint flaws to access internal systems, steal sensitive data, and carry out surveillance, ...

Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities ...

Microsoft said Chinese actor Storm-2603 is deploying Warlock ransomware following the exploitation of vulnerabilities in ...

A cyber-espionage campaign centered on vulnerable versions of Microsoft's server software now involves the deployment of ...

A China-linked threat actor has been observed exploiting SharePoint servers to deliver ransomware, according to Microsoft ...

The company has been called out repeatedly for inadequate security practices, and now we have another case in point: a ...

Ransomware gangs are on the hunt for organizations that have yet to patch their vulnerable Microsoft SharePoint servers. Why ...

It's not just data theft. A China-based hacking group is using a flaw in vulnerable SharePoint servers to deliver ransomware, Microsoft warns.

SharePoint servers are being picked at with high-risk, legitimate-looking, branded phish messages and preyed on by a ransomware gang using an old bug.