Microsoft has released security updates to address two high-severity Microsoft Exchange zero-day vulnerabilities collectively known as ProxyNotShell and exploited in the wild.
Attackers have been chaining the two security flaws to deploy Chinese Chopper web shells on compromised servers for persistence and data theft, as well as for lateral movement in their victims’ networks since at least September 2022.
Microsoft confirmed they were actively abused in attacks on September 30, saying it was “aware of limited targeted attacks using the two vulnerabilities to get into users’ systems.”
Read more…
Source: Bleeping Computer