From cybersecuritynews.com
Researchers observed that the cybercriminals are still exploiting the patched MS Sharepoint remote code execution vulnerability to compromise the government organization in the Middle East.
SharePoint is a web-based collaborative platform that integrates with Microsoft Office. With a Microsoft Sharepoint intranet, your teams can share files, data, and resources and collaborate on work.
Threat actors are installing web shells to the SharePoint server and use it to run the commands and upload additional tools to infect the network where the unpatched Sharepoint servers deployed.