The zero-day vulnerability used to breach on-premise Kaseya VSA servers was in the process of being fixed, just as the REvil ransomware gang used it to perform a massive Friday attack. The vulnerability had been previously disclosed by security researchers from the Dutch Institute for Vulnerability Disclosure (DIVD) The vulnerability was simple to exploit, according to DIVD Victor Gevers. The number of publicly accessible servers that are reachable from the internet has dropped from over 2,200 to less than 140 in our last scan today.
Source: https://www.bleepingcomputer.com/news/security/kaseya-was-fixing-zero-day-just-as-revil-ransomware-sprung-their-attack/