https://www.bleepingcomputer.com/news/security/barracuda-esg-zero-day-attacks-linked-to-suspected-chinese-hackers/

A suspected pro-China hacker group tracked by Mandiant as UNC4841 has been linked to data-theft attacks on Barracuda ESG (Email Security Gateway) appliances using a now-patched zero-day vulnerability.

Starting on approximately October 10, 2022, the threat actors began exploiting CVE-2023-2868, a zero-day remote command injection vulnerability in Barracuda's email attachment scanning module.