More hacking groups join Microsoft Exchange attack frenzy By More state-sponsored hacking groups have joined the ongoing attacks targeting tens of thousands of on-premises Exchange servers impacted by severe vulnerabilities tracked as ProxyLogon. After Microsoft's initial report that the vulnerabilities were actively exploited by a Chinese APT group named Hafnium, Slovak internet security firm ESET shared info on at least three other Chinese-backed hacking groups abusing the ProxyLogon flaws in ongoing attacks. Besides those three (APT27, Bronze Butler aka Tick, and Calypso), ESET also said that it also identified several "additional yet-unclassified clusters." In a Friday update to their announcement, Microsoft said that several other threat actors "beyond HAFNIUM" are also exploiting the four critical Exchange flaws.