Microsoft confirmed on May 14 that CVE-2026-42897 — a cross-site scripting flaw in the Outlook Web Access component of Exchange Server 2016, 2019, and Subscription Edition — is under active ...

Microsoft Exchange has now joined Windows 11 as Pwn2Own zero-day hackers continue to successfully attack the tech giant’s ...

Add Yahoo as a preferred source to see more of our stories on Google. Microsoft has confirmed two unpatched Exchange Server zero-day vulnerabilities are being exploited by cybercriminals in real-world ...

Microsoft on Thursday disclosed a zero-day vulnerability in Exchange that's under active exploitation, but four days later customers are still awaiting a patch. The zero-day, tracked as CVE-2026-42897 ...

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to think about the need to abandon on-premises email solutions. “Because it’s ...

A zero-day vulnerability exists in Microsoft Exchange, which attackers are already exploiting. Admins should act quickly.

Microsoft Exchange server is one of those enterprise staples, but it's also a key target for cybercriminals. Last week, GTSC reported attacks had begun chaining two new zero-day Exchange exploits as ...

Microsoft has confirmed two unpatched Exchange Server zero-day vulnerabilities are being exploited by cybercriminals in real-world attacks. Vietnamese cybersecurity company GTSC, which first ...