Researchers point to an “aggressive and skilled actor” with suspected links to China as the group behind the attacks on a recently disclosed Barracuda ESG zero day.
After deploying two patches, Barracuda said that businesses impacted by an actively exploited flaw must immediately replace their ESG appliances.
Threat actors continue to target the critical-severity file transfer bug to launch data exfiltration attacks, and researchers say organizations should potentially expect ransom emails in the coming weeks.
Researchers warn that they are seeing widespread exploitation of the critical-severity Zyxel flaw.
Researchers began detecting in-the-wild exploit attempts targeting the patched, high-severity flaw in TP-Link routers on April 11.