Bleeping Computer

New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint

A newly uncovered ClickFix phishing campaign is tricking victims into executing malicious PowerShell commands that deploy the Havok post-exploitation framework for remote access to compromised devices ...
Infosecurity-magazine.com

Phishing Campaign Uses Havoc Framework to Control Infected Systems

A new phishing campaign leveraging the open-source Havoc command-and-control (C2) framework has been discovered. Attackers are using modified versions of Havoc Demon Agent alongside Microsoft Graph ...
Ars Technica

SharePoint vulnerability with 9.8 severity rating under exploit across globe

Authorities and researchers are sounding the alarm over the active mass exploitation of a high-severity vulnerability in Microsoft SharePoint Server that’s allowing attackers to make off with ...