A new group with ties to the Iranian government is conducting a password-spraying campaign against Office 365 accounts.
The Nobelium attackers, who are responsible for the SolarWinds intrusion, have been deploying a new backdoor called FoggyWeb in targeted attacks.
The Azure OMI vulnerability (CVE-2021-38647) is under attack by several threat actors, including the Mirai botnet operators.
Attackers exploiting the CVE-2021-40444 Windows flaw used infrastructure also known to be associated with a ransomware group.
Some proof-of-concept exploits have begun circulating for CVE-2021-40444 and no patch is yet available.