Who is Warlock operator?

Warlock operator is a threat actor. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does Warlock operator exploit?

Specific CVE exploitation data for Warlock operator is being tracked. Check the Strobes VI threat actor profile for updates.

Warlock operator

Exploited CVEs

Overview

Warlock ransomware is exploiting Microsoft SharePoint vulnerabilities to infiltrate enterprise environments. Attackers gain initial access by uploading web shells through targeted HTTP POST requests, then escalate privileges via Group Policy abuse and compromised accounts. The...

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database

Activity Timeline

First Seen

January 1, 2025

Quick Actions

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001