The FBI and the CISA are warning of active exploitation of a newly patched flaw in Zoho’s ManageEngine ServiceDesk Plus product to deploy web shells and carry out an array of malicious activities.