CISA says federal civilian agency hacked by nation-state and criminal hacking groups
According to the alert, both the unnamed nation-backed hacking group and the criminal group dubbed XE Group exploited known vulnerabilities in Progress Telerik software located in the unnamed government agency’s Microsoft IIS web server.