A vulnerability in Microsoft SharePoint that allows remote code-execution is being increasingly exploited in the wild, according to researchers. The Canadian Cyber Security Centre in April warned that the bug is being exploited in Canada, using the tiny China Chopper web-shell to gain an initial foothold A report Friday from the Saudi Cyber Security Center (NCA) warned of attacks happening across the Kingdom. The Saudis warned that they expect snowballing attacks that will be successful in the short term.
Source: https://threatpost.com/fin7-active-exploits-sharepoint/144628/