Researchers said malicious activity dates back to early July and active exploitation was observed two months ago.