On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow ...

The zero-day vulnerability affects on-premises installations for all versions of Exchange Server 2016, 2019 and Subscription ...

Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come ...

Microsoft confirmed on May 14 that CVE-2026-42897 — a cross-site scripting flaw in the Outlook Web Access component of Exchange Server 2016, 2019, and Subscription Edition — is under active ...

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to ...

Microsoft on Thursday disclosed a zero-day vulnerability in Exchange that's under active exploitation, but four days later customers are still awaiting a patch. The zero-day, tracked as CVE-2026-42897 ...

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.

A new variant of the 'SHub' macOS infostealer uses AppleScript to show a fake security update message and installs a backdoor ...

Weekly ThreatsDay Bulletin: supply chain attacks, fake support lures, AI tampering, data leaks, ransomware, and exploited ...

The tool is available for macOS, Linux, and Windows. It can be installed through a one-line shell command that automates ...

Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years and continues to evolve in support of espionage-focused ...

An attacker can send a specially crafted email that, when opened by a user under certain conditions, executes arbitrary JavaScript in the browser context. "Improper neutralization of input during web ...