Ransomware actors have increasingly shifted their tactics to exploit flaws as part of their initial infection vector.
Cybercriminals are using the known ProxyLogon and ProxyShell vulnerabilities to hijack email threads in malware attacks.
The Exchange Server flaw is one of 55 vulnerabilities fixed in Microsoft's Patch Tuesday update.
An emerging threat called Tortilla has been exploiting vulnerabilities in Microsoft (MS) Exchange servers hit with Babuk ransomware.
The Lemon Duck cryptocurrency-mining botnet was seen behind a spike of April attacks exploiting the Microsoft Exchange server ProxyLogon flaw.