Microsoft has spotted multiple zero-day exploits in the wild being used to attack on-premises versions of Microsoft Exchange Server. Adversaries have been able to access email accounts, steal a raft of data and drop malware on target machines for long-term remote access. The attacks are limited and targeted, according to Microsoft, spurring it to release out-of-band patches this week. The culprit is believed to be an advanced persistent threat (APT) group known as Hafnium.
Source: https://threatpost.com/microsoft-exchange-zero-day-attackers-spy/164438/