Researchers have detected multiple instances of cyberattackers using SharePoint vulnerability CVE-2019-0604 to target government organizations in the Middle East. These mark the latest cases of adversaries exploiting the flaw, which was recently used to breach the United Nations. The vulnerability exists when SharePoint fails to check the source markup of an application package. Microsoft released a patch for the vulnerability in February 2019 and later updated its fix in April. Researchers don’t currently believe the attackers behind the April 2019 attacks leveraged the same vulnerability.”]
Source: https://www.darkreading.com/cloud/sharepoint-bug-proves-popular-weapon-for-nation-state-attacks