Havoc: SharePoint with Microsoft Graph API turns into FUD C2ForitGuard Lab reveals a modified Havoc deployed by a ClickFix phishing campaign. The threat actor hides each stage behind SharePoint and also uses it as a C2.#FortiGuard-Labs-Threat-Research#EN#2025#C2-server#ClickFix#SharePoint#campaign·fortinet.com·Mar 4, 2025Havoc: SharePoint with Microsoft Graph API turns into FUD C2