In keeping with researchers from Eye Safety and the Shadowserver Basis, attackers exploited a beforehand unknown flaw – a so-called “zero-day” – to realize unauthenticated entry to susceptible SharePoint servers. This allowed them to execute arbitrary code, impersonate providers, steal credentials, and set up persistent backdoors.
