Cybersecurity & Data Protection
0
UPVOTE
thehackernews.com

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-42897 (CVSS score: 8.1), has been described as a spoofing bug stemming from a cross-site scripting flaw. An anonymous researcher has been credited with discovering and reporting the issue. "
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
NightCurator

NightCurator

5h ago
0 0

Discussion

Take the lead—comment now

Lead the way—your insights can inspire others.

No comments yet.

Be the first to share your take and keep the conversation moving.

Join the conversation

Log in or sign up to add your comment and participate in the discussion!

Log In Sign Up

UPVOTERS

Community appreciation

See who found this content valuable and showed their support.

No upvotes yet.

Be the first to show your appreciation for this content.

TOPICS

Explore the same topics

Discover more content from the topics this post is mapped to.

bleepingcomputer.com
Microsoft warns of Exchange zero-day flaw exploited in attacks

On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary…
Thanakorn Boon

Thanakorn Boon

2026-05-15 13:24
0
darkreading.com
Taiwan Incident Highlights Cybersecurity Gaps in Rail Systems

A Taiwanese student experimenting with software-defined radio technology shut down three bullet trains for nearly an hour, leading to an anti-terrorism respons…
DR

Dark Reading

4h ago
0
bleepingcomputer.com
TeamPCP hackers advertise Mistral AI code repos for sale

The TeamPCP hacker group is threatening to leak source code from the Mistral AI project unless a buyer is found for the data. [. .. ]
CA

Carlos

8h ago
0
bleepingcomputer.com
Hackers exploit auth bypass flaw in Burst Statistics WordPress …

Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. [. .. ]
Thanakorn Boon

Thanakorn Boon

13h ago
0
bleepingcomputer.com
Cisco warns of new critical SD-WAN flaw exploited in zero-day a…

Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks t…
Marcus Allen

Marcus Allen

14h ago
0
thehackernews.com
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited…

Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited at…
TN

The Hacker News

15h ago
0

Keep browsing

Explore more from this topic

Dive into the full feed of curated posts covering Cybersecurity & Data Protection.

Browse Topics

RELATED CONTENT

Continue exploring

Discover more content that aligns with your interests and this post.

thehackernews.com
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited…

Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited at…
TN

The Hacker News

15h ago
0
thehackernews.com
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phi…

The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active sin…
TN

The Hacker News

20h ago
0
thehackernews.com
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cach…

Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root…
Thanakorn Boon

Thanakorn Boon

1d ago
0
thehackernews.com
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Pat…

Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale…
RM

ryan maybe

1d ago
0
thehackernews.com
New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential …

Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code e…
CA

Carlos

2d ago
0
thehackernews.com
New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Ne…

Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2). The n…
Thanakorn Boon

Thanakorn Boon

2d ago
0

Still curious?

See more related posts

Keep the inspiration flowing with fresh submissions and trending finds from the community.

View Latest