Topic: warlock ransomware

  • Warlock ransomware exploits SharePoint flaws, warns Microsoft

    A Chinese hacking group (Storm-2603) is exploiting SharePoint vulnerabilities to deploy Warlock ransomware, targeting over 420 unpatched systems using zero-day exploits like ToolShell. The attackers use Mimikatz and PsExec to steal credentials and move laterally, with at least 400 systems and 148...

  • Ransomware Attacks Target Vulnerable SharePoint Servers

    Chinese-linked threat actors are exploiting critical SharePoint vulnerabilities (CVE-2025-53770 and CVE-2025-53771) to deploy Warlock ransomware, targeting over 400 organizations, including US federal agencies. Suspected Chinese hacking groups Storm-2603, Linen Typhoon, and Violet Typhoon are usi...

  • Ransomware Hackers Weaponize Velociraptor DFIR Tool

    Malicious actors are misusing the Velociraptor digital forensics tool to deploy LockBit and Babuk ransomware, with the Chinese threat group Storm-2603 identified as responsible. Attackers exploited a privilege escalation vulnerability in Velociraptor to maintain persistent access, using technique...
