A critical vulnerability in Microsoft Exchange Server, identified as CVE-2024-21410, has been reported to be actively exploited by threat actors.
This zero-day flaw allows remote unauthenticated attackers to perform NTLM relay attacks and escalate their privileges on the system. As of the latest reports, over 28,500 Exchange servers remain vulnerable to this security issue.
https://cybersecuritynews.com/exchange- ... erability/