China's Salt Typhoon exploited SharePoint to hit govts
Chinese threat actors, including Salt Typhoon, exploited the SharePoint ToolShell zero-day to target governments, telecoms, academia, and finance across multiple continents.
Warlock ransomware may be linked to Chinese state | Computer Weekly
Warlock ransomware, exploiting ToolShell SharePoint vulnerabilities, is likely linked to Chinese state-sponsored APTs Linen Typhoon and Violet Typhoon.