Microsoft has announced that Hafnium, a Chinese-backed cybercriminal organization, has been taking advantage of four zero-day exploits to attack on-premises Microsoft Exchange servers. We strongly recommend that any organizations with on-premises Exchange servers, including hybrid Office 365 setups, should apply Microsoft’s patch immediately.