Attacks on the Exchange server flaws disclosed last week are being exploited by multiple threat actors and targeting a wide range of companies.
Attackers are using the four Microsoft Exchange zero days to target organizations from SMBs to government agencies and banks.
A Chinese attack group called Hafnium has exploited for zero days in Microsoft Exchange to steal data from inboxes and take control of compromised servers.
Microsoft said the SolarWinds hackers were able to view and download some source code components for Azure, Exchange, and Intune.
The volume of attacks using web shells as a persistence mechanism has nearly doubled in recent months, Microsoft said.