Unit 42 researchers have identified significant overlaps between Microsoft’s reported ToolShell exploit chain targeting SharePoint vulnerabilities and a tracked activity cluster dubbed CL-CRI-1040. This cluster, active since at least March 2025, deploys a custom malware suite named Project AK47, comprising multi-protocol backdoors, ransomware, and DLL side-loading loaders. Microsoft’s analysis attributes the activity to Storm-2603, a […]
The post Chinese Hackers Exploit SharePoint Flaws to Deploy Backdoors, Ransomware, and Loaders appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
Source: gbHackers
Source Link: https://gbhackers.com/chinese-hackers-exploit-sharepoint-flaws/