CISA advisory says the zero day exploitation of #MobileIron was happening from "at least" April 2023 (which backs up from I wrote in my blog - i.e. I can see exploitation in logs going back to early this year).

Threat actors were uploading webshells and such. #threatintel #mobileirony

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-213a

The MobileIron vuln is definitely do the rounds in security circles as my honeypot is getting probed, admin lists dumped and disclosures from researchers. #MobileIrony #threatintel

I did write up of this, complete with a logo - behold #MobileIrony, a term coined by @Newk #threatintel
https://doublepulsar.com/mobileirony-backdoor-allows-complete-takeover-of-mobile-security-product-and-endpoints-559733d612e1