Skip to main content

Tag: spoofing vulnerability

4 articles

Office setting with laptop showing blurred email inbox on screen.

Microsoft Fixes Zero-Day Flaw in Exchange Server Exploited in Attacks

Microsoft has patched a high-severity flaw in Exchange Server, known as CVE-2026-42897, which allowed hackers to execute malicious JavaScript in victims' browsers simply by sending a specially crafted email. This zero-day vulnerability was actively exploited in attacks, putting Outlook Web Access users at risk.

Analyst 207
Server room with a prominent Microsoft Exchange Server setup under ordinary lighting.

Microsoft Exchange Servers Targeted in Active Exploitation

Microsoft has sounded the alarm on a critical vulnerability in on-premise Exchange Servers, known as CVE-2026-42897, that's currently being exploited by hackers - and the company is urging affected users to act fast. A temporary fix is in place, with a permanent patch on the way.

Analyst 207
Rack of servers with a prominent Exchange Server device and nearby laptop in a brightly-lit data center.

Microsoft Exchange Servers Targeted by Active CVE-2026-42897 Exploit

Microsoft warns of a high-severity vulnerability, CVE-2026-42897, in its Exchange Servers, allowing attackers to spoof network communications via a cleverly crafted email. This cross-site scripting flaw has been actively exploited, earning a concerning CVSS score of 8.1.

Analyst 207
Ominous door with glowing keyhole and cracked surface set against dark cityscape.

Microsoft Patch Tuesday Addresses 165 Vulnerabilities, Including Exploited SharePoint Flaw

Microsoft's April Patch Tuesday update is a doozy, addressing a whopping 165 vulnerabilities, including a SharePoint Server spoofing flaw that's already been exploited in the wild. This mega update also fixes a bug that was publicly disclosed by a frustrated researcher.

Analyst 207