Plus: Verkada flaw finder cuffed and Apple boss may have leaked secrets
Share
Copy
In brief It's looking like the exploitation of critical Exchange flaws that Microsoft revealed at the start of the month could be much worse than folks first suspected.
An analysis by Slovak security shop ESET claims that six advanced criminal hacking groups, thought to have some level of state sponsorship, used the zero days to attack government and industry sites before the flaws were patched. At the time, Microsoft claimed that only one Chinese-based hacking group, dubbed Hafnium, had illicitly exploited the dodgy code. You can see the timeline below.