A group known as Hafnium based in China appears to have exploited a Zero-Day vulnerability in Microsoft Exchange Servers leaving as many as 30000 customers vulnerable.
The intrusion which was first spotted by Volexity, a security firm, disclosed thatvthe attack begun as early as January 6th, but recently spiked on Friday in response to a Microsoft patch release.
Security Agencies have advised customers who use am exposed exchange server to assume that they had been hacked and take necessary precautions.
A similar attack was discovered last year, from Russian sources. The SolarWinds attack was the first of its kind, compromising at least 18,000 organizations.