May 9, 2023

Microsoft Warns of State-Sponsored Attacks Exploiting Critical PaperCut Vulnerability

Posted by in category: space

Iranian nation-state groups have now joined financially motivated actors in actively exploiting a critical flaw in PaperCut print management software, Microsoft said.

The tech giant’s threat intelligence team said it observed both Mango Sandstorm (Mercury) and Mint Sandstorm (Phosphorus) weaponizing CVE-2023–27350 in their operations to achieve initial access.

“This activity shows Mint Sandstorm’s continued ability to rapidly incorporate [proof-of-concept] exploits into their operations,” Microsoft said in a series of tweets.

Leave a reply