Microsoft confirmed on May 14 that CVE-2026-42897 — a cross-site scripting flaw in the Outlook Web Access component of Exchange Server 2016, 2019, and Subscription Edition — is under active ...

Microsoft on Thursday disclosed a zero-day vulnerability in Exchange that's under active exploitation, but four days later customers are still awaiting a patch. The zero-day, tracked as CVE-2026-42897 ...

Reported over three years ago and allegedly still not properly fixed, the vulnerability enables attacks to execute JavaScript ...

Tycoon2FA has returned with new device-code phishing attacks targeting Microsoft 365 users through legitimate OAuth login ...

Microsoft Exchange Servers are under threat from a zero-day vulnerability, exploited via crafted emails. With no official ...

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.

CNCF graduation, Microsoft tooling updates and cloud-provider support show broader OpenTelemetry adoption across developer platforms.

Active Microsoft Exchange zero-day leaves organisations exposed By Nicola Mawson, Contributing journalistJohannesburg, 19 May 2026An exploit in on-premises Microsoft Exchange servers has already been ...

Christopher Scott, data center program manager at Microsoft, pairs his work in a fast-growing industry with mentoring ...

A zero-day vulnerability exists in Microsoft Exchange, which attackers are already exploiting. Admins should act quickly.

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique ...

Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background ...