The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The researcher said he picked the name because it exploited ToolPane.aspx, a component for assembling the side panel view in the SharePoint user interface.

CISA gave agencies until the end of the day on Monday to mitigate a severe zero-day vulnerability in Microsoft's widely used SharePoint software.

State CISOs in North Carolina and Arizona said their teams began work immediately to ensure on-prem SharePoint systems were secure, following the recent disclosure of an active zero-day exploit.

Multiple hacking groups—including state actors from China—have targeted a vulnerability in older, on-premises versions of the file-sharing tool after a flawed attempt to patch it.

Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.

Microsoft released an emergency security patch on Sunday to “mitigate active attacks targeting on-premises servers.”