The full scope of the ToolSheel attack has been made public.

The ToolShell attack which was disclosed by Microsoft has only grown in scope since it was first discovered. Initial attempts to mitigate and patch the breach have failed and additional victims have been discovered. Victims include major companies along with dozens of federal and state agencies in the United States.

Read more:

https://www.securityweek.com/toolshell-attacks-hit-400-sharepoint-servers-us-government-victims-named/