Microsoft on Friday disclosed that a single activity group in August 2022 achieved initial access and breached Exchange servers by chaining thetwo newly disclosed zero-day flawsin a limited set of attacks aimed at less than 10 organizations globally. “These attacks installed the Chopper web shell to facilitate hands-on-keyboard access, which the attackers used to perform Active Directory