Iranian nation-state groups have now joined financially motivated actors in actively exploiting a critical flaw in PaperCut print management software, Microsoft disclosed over the weekend.
The tech giant’s threat intelligence team said it observed both Mango Sandstorm (Mercury) and Mint Sandstorm (Phosphorus) weaponizing CVE-2023-27350 in their operations to achieve initial access.
“This activity shows Mint Sandstorm’s continued ability to rapidly incorporate [proof-of-concept] exploits into their operations,” Microsoft said in a series of tweets.
