A Chinese hacking collective is currently deploying Warlock ransomware, specifically aiming at Microsoft SharePoint servers, which are presently vulnerable to widespread cyberattacks.
These assaults leverage the ToolShell zero-day exploit chain, which capitalizes on a vulnerability Microsoft recently addressed, thereby enabling the hacking group to breach SharePoint servers and install the Warlock malware by exploiting the very flaw that was patched.