A threat actor known for deploying Warlock ransomware by exploiting vulnerabilities in on-premises SharePoint servers since mid-2025. Uses tools like Velociraptor, Cloudflare…
Ransomware deployed by threat actor Storm-2603, often exploiting known vulnerabilities in on-premises SharePoint servers. Used in parallel with other techniques to establish…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity remote code execution vulnerability, CVE-2026-45659 (CVSS 8.8), affecting Microsoft SharePoint…
active exploitationCISA KEVCloudflareCVE-2025-11371