Microsoft has confirmed that theactive exploitation of PaperCut serversis linked to attacks designed to deliver Cl0p and LockBit ransomware families. The tech giant’s threat intelligence team is attributing a subset of the intrusions to a financially motivated actor it tracks under the nameLace Tempest(formerly DEV-0950), which overlaps with other hacking groups like FIN11, TA505, and Evil