CISA: Multiple APT Groups Infiltrate Defense Organization

Advanced attackers gained access to Microsoft Exchange services, conducted searches of email, and used an open source toolkit to collect data from the network for nearly a year.

You can read the full article here.