ProxyNotShell— the story of the claimed zero days in Microsoft Exchange

Yesterday, cybersecurity vendor GTSC Cyber Security dropped a blog saying they had detected exploitation of a new Microsoft Exchange zero day:

Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server | Blog | GTSC — Cung cấp các dịch vụ bảo mật toàn diện (gteltsc.vn)

If a zero day in Exchange was real, history has shown things go south quickly… so let us dig into it.