The Hacker News

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come ...
Morning Overview on MSN

Microsoft Exchange servers are under active attack through CVE-2026-42897 — a spoofing flaw triggered by opening a single crafted email in Outlook Web Access

A single email, opened in a browser, is all it takes. Microsoft Exchange servers running Outlook Web Access (OWA) are being ...
CSO Online

Exchange Server zero-day vulnerability can be triggered by opening a malicious email

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to ...
Wired

Your Microsoft Exchange Server Is a Security Liability

Once, reasonable people who cared about security, privacy, and reliability ran their own email servers. Today, the vast majority host their personal email in the cloud, handing off that substantial ...
CSOonline

Cyber agencies produce ‘long overdue’ best practices for securing Microsoft Exchange Server

Best practices include a focus on hardening user authentication and access, ensuring strong network encryption, and minimizing application attack surfaces. Cyber agencies from three countries ...