An APT group is leveraging a critical vulnerability (CVE-2021-44077) in Zoho ManageEngine ServiceDesk Plus to compromise organizations in a variety of sectors, including defense and tech.