A cybersecurity researcher recently spotted threat actors actively trying to exploit Microsoft Exchange servers by targeting ProxyShell vulnerabilities. The newly discovered vulnerabilities could be exploited via the Client Access Service (CAS), which runs in IIS on port 443. Experts recommend applying all the patches as early as possible and using additional layers of security such as endpoint threat detection.