Security Boulevard Community Chats Webinars Library Timeline of a Hafnium Attack The attacks on Microsoft Exchange servers around the world by Chinese state-sponsored threat group Hafnium are believed to have affected over 21,000 organizations. The impact of these attacks is growing as the four zero-day vulnerabilities are getting picked up by new threat actors. While the world was introduced to these critical vulnerabilities on March 2 nd when Microsoft released security updates and mitigation guidance, the first known exploitation of this vulnerability occurred in early January. Although applying Microsoft’s advised updates protects organizations from continued or future exploitation of these known vulnerabilities, they don’t mitigate any compromises that have already happened. And because these Exchange vulnerabilities are exposed to the internet, cybercriminals continue to voraciously seek out unpatched systems to attack at unprecedented scale.