A widespread campaign is exploiting a vulnerability in the Exim mail transport agent (MTA) to gain remote command-execution on victims Linux systems. Researchers say that currently more than 3.5 million servers are at risk from the attacks, which are using a wormable exploit. Attackers are exploiting the flaw, discovered last week, to take control of the victim machines, search the internet for other machines to infect, and to initiate a cryptominer infection. The vulnerability (CVE-2019-10149) has a critical severity score of 9.8 out of 10 on the CVSS v3 scale.
Source: https://threatpost.com/linux-servers-worm-exim-flaw/145698/