SharePoint Hackers Shift from Espionage to Ransomware, Impacting 400+ Organizations

Monday, 15 December

Monday, 15 December, 2025

SharePoint Hackers Shift from Espionage to Ransomware, Impacting 400+ Organizations

Microsoft warns that the threat group Storm-2603, linked to China, is now weaponizing a SharePoint zero-day to deploy Warlock ransomware, crippling on-premises servers and demanding crypto ransoms. Over 400 victims—including the U.S. National Institutes of Health—have been hit. The shift from data theft to financially motivated attacks underscores urgent need to patch SharePoint, rotate cryptographic keys, enhance monitoring, and isolate vulnerable servers immediately.

Read full story at Economic Times

Tags:microsoft ransomware cryptographic

Download the TechShots App

IT Trends Move Fast. Stay Faster.

Android iOS

Categories

SharePoint Hackers Shift from Espionage to Ransomware, Impacting 400+ Organizations

Also Read

Google Play Store Hides Easy Uninstall for System App Updates

Ola Electric Launches 'Hyperdelivery' for 4680 Bharat Cell EVs

Google Translate Upgrades: Real-Time Audio and AI Slang

SpaceX IPO Buzz: $1.5 Trillion Valuation and Mars Ambitions

Russian Court Ruling Triggers Google's $129M French Asset Freeze

Empire 6.3.0 Released with Advanced Red Team Features

Parliament Takes Notice of Power Grid Cybersecurity Threats

Microsoft Commits $17.5B to Drive India's AI-First Future

Juice Jacking Alert: Protect Your Phone from Public USB Threats

Download the TechShots App

Subscribe To Our Newsletter.