The Register on MSN

Ransomware crims that exploited SharePoint 0-days add Velociraptor to their arsenal

And they’re likely still abusing the same SharePoint flaws for initial access The ransomware gang caught exploiting Microsoft ...
CSO Online

Open-source DFIR Velociraptor was abused in expanding ransomware efforts

China-based threat actors abused outdated Velociraptor to maintain persistence and help deploy Warlock, LockBit, and Babuk ...