Security researchers reveal that a critical vulnerability in Microsoft Exchange servers is being actively exploited by state-sponsored threat actors despite being patched months ago. Thousands of organizations remain at risk due to delayed patching cycles, exposing email systems to data theft and espionage.