After deploying two patches, Barracuda said that businesses impacted by an actively exploited flaw must immediately replace their ESG appliances.
Barracuda has patched a remote code execution vulnerability in its Email Security Gateway appliances.
The Qakbot emails show the long tail of exploitation efforts against the Microsoft ProxyLogon flaw.
Researchers have observed attackers leveraging email thread hijacking tactics to spread the Qakbot malware, which in turn deploys multiple payloads.
Threat actors are attempting to gain the trust of victims by pretending to be a potential customer and filling out an online contact form before launching the BazarLoader attack.