Zero Day MonitorZDM

← Back to list

EST

PRE-CVEEXPLOITED

microsoft · exchange

Microsoft Exchange Server Zero-Day Exploitation by Silk Typhoon

49% confidence

Description

The Silk Typhoon hacking group exploited zero-day vulnerabilities in Microsoft Exchange Server to gain initial access to victim networks, deploy web shells, and exfiltrate data. These vulnerabilities were exploited between late 2020 and 2021 as part of a widespread cyberespionage campaign targeting organizations, including those involved in COVID-19 research.

Affected Products

Vendor	Product	Versions
microsoft	exchange	—

Related News (1 articles)

Tier D

BleepingComputer4h ago

Alleged Silk Typhoon hacker extradited to US for cyberespionage

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-399, CWE-20

PublishedApr 27, 2026

Last enriched3h ago

Tags

zero-daycyberespionageweb shellmicrosoft exchange

Trending Score49

Source articles1

Independent1

Info Completeness7/14

Missing: cve_id, versions, cvss, epss, kev, patch, iocs

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-21510EXPKEV

Windows Shell Security Feature Bypass Vulnerability

HIGHCVE-2026-21513EXPKEV

MSHTML Framework Security Feature Bypass Vulnerability

MEDIUMCVE-2026-32202EXPKEV

Windows Shell Spoofing Vulnerability

HIGHCVE-2026-33825EXPKEV

Microsoft Defender Elevation of Privilege Vulnerability

MEDIUMCVE-2026-32201EXPKEV

Microsoft SharePoint Server Spoofing Vulnerability

Pin to Dashboard

Verification

State: reported

Confidence: 49%

Vulnerability Timeline

CVE Published

Apr 27, 2026

Actively Exploited

Apr 27, 2026

Exploit Available

Apr 27, 2026

Discovered by ZDM

Apr 27, 2026