It didn’t take long. Intelligence agencies and cybersecurity researchers had been warning that unpatched Exchange Servers could open the pathway for ransomware infections in the wake of swift escalation of the attacks since last week.
Now it appears that threat actors have caught up. 
According to the latest reports, cybercriminals are leveraging the heavily exploited ProxyLogon Exchange Server