U.S. National Security Agency says Russian Sandworm Team have been exploiting critical flaw in Exim mail transfer agent software since at least August 2019. The vulnerability tracked as CVE-2019-10149 and named “The Return of the WIZard”” makes it possible for unauthenticated remote attackers to execute arbitrary commands as root on vulnerable mail servers. The NSA recommends patching Exim servers immediately by installing version 4.93 or newer. There still are millions of unpatched servers vulnerable to attacks.”
Source: https://www.bleepingcomputer.com/news/security/nsa-russian-govt-hackers-exploiting-critical-exim-flaw-since-2019/