The Warlock ransomware group has intensified its operations by targeting unpatched on-premises Microsoft SharePoint servers, leveraging critical vulnerabilities to achieve remote code execution and initial network access. This campaign, observed in mid-2025, involves sending crafted HTTP POST requests to upload web shells, facilitating reconnaissance, privilege escalation, and credential theft. Initial Exploitation Attackers exploit flaws like […]
The post Warlock Ransomware Exploits SharePoint Flaws for Initial Access and Credential Theft appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
​The original article found on GBHackers Security | #1 Globally Trusted Cyber Security News Platform Read More
