Incoming "spray and pray" attacks
https://www.bleepingcomputer.com/news/security/researchers-to-release-poc-exploit-for-critical-manageengine-rce-bug-patch-now/
Proof-of-concept exploit code will be released later this week for a critical vulnerability allowing remote code execution (RCE) without authentication in several Zoho ManageEngine products.
Tracked as CVE-2022-47966, this pre-auth RCE security flaw is due to using an outdated and vulnerable third-party dependency, Apache Santuario.