Cyware has posted an alert detailing Microsoft sharing that the Cuba ransomware threat group has been observed targeting vulnerable Exchange servers using a zero-day exploit titled OWASSRF, or Outlook Web Access Server-Side Request Forgery. This is an escalation in criminal actors utilizing this exploit, as previously only the Play ransomware group had incorporated it into their malware. While Microsoft released a security update to address OWASSRF in November 2022, there are still many Exchange servers that remain unpatched. This will result in a growing vulnerability for organizations as experts predict more ransomware groups will begin adding OWASSRF to the tools they use to exploit the networks of potential targets. Read more at Cyware.