New ransomware attack blocks Internet access

New ransomware attack blocks Internet access Live Traffic Feed
Erie, Pennsylvania arrived from rootsecure.net on "Security-Shell: Microsoft Technet Vulnerable to Cross-Site Scripting"
Algeria left "Security-Shell: Microsoft Technet Vulnerable to Cross-Site Scripting" via packetstormsecurity.org
Ljubljana, Bohinj left "Security-Shell: Stoned Bootkit" via web-sniffer.net
Algeria arrived on "Security-Shell: Microsoft Technet Vulnerable to Cross-Site Scripting"
Pinner, Greater London left "Security-Shell: Microsoft Technet Vulnerable to Cross-Site Scripting" via t1shopper.com
Pinner, Greater London left "Security-Shell: Microsoft Technet Vulnerable to Cross-Site Scripting" via exploit-db.com
Kuala Lumpur, Wilayah Persekutuan left "Security-Shell" via stoned-bootkit.info
Pinner, Greater London arrived from rootsecure.net on "Security-Shell: Microsoft Technet Vulnerable to Cross-Site Scripting"
Kuala Lumpur, Wilayah Persekutuan arrived on "Security-Shell"
Siegen, Nordrhein-Westfalen arrived from rootsecure.net on "Security-Shell: Microsoft Technet Vulnerable to Cross-Site Scripting"

WHAT That;s where I live

Vulnerable page: TechNet Script Center GalleryXSS





For redirect poc check: http://gallery.technet.microsoft.com

More............Security-Shell: Microsoft Technet Vulnerable to Cross-Site Scripting

I'm confused. This post seems to indicate that Technet is vulnerable to XSS attacks, but I don't see anything about ransomware? Are the XSS injects being used to distribute a new kind of malware/ransomeware? The links seems a little fishy, so I didn't click them.