If an attacker gets admin control over the on-premises Exchange server, they can forge authentication tokens or make API ...

Microsoft has urged its customers to be on high alert after discovering a dangerous vulnerability in hybrid Exchange ...

Over 29,000 Microsoft Exchange servers remain unpatched against a vulnerability that could allow attackers to seize control ...

Microsoft has warned customers to mitigate a high-severity vulnerability in Exchange Server hybrid deployments that could allow attackers to escalate privileges in Exchange Online cloud environments ...

Three Microsoft products were said to be affected: SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Server 2016. SharePoint Online (Microsoft 365) is not affected.

The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has posted an alert saying it is aware of "active exploitation" of a new vulnerability to Microsoft ...

CISA has warned that a critical vulnerability in Microsoft Exchange Servers poses a grave risk to entire Microsoft 365 ...

(NEW YORK) — The Department of Homeland Security’s Cybersecurity and Infrastructure ... SharePoint Servers only,” the post added and “SharePoint Online in Microsoft 365 is not impacted.” A company ...

Cybercriminals are abusing the link wrapping security feature from Proofpoint and Intermedia to launch sophisticated phishing ...

Today is Microsoft's August 2025 Patch Tuesday, which includes security updates for 107 flaws, including one publicly ...

Microsoft fixed 111 vulnerabilities, including a Windows Kerberos zero-day enabling full AD compromise via BadSuccessor.

Microsoft sounded the alarm on a hybrid Exchange bug in early August 2025 However almost 30,000 instances remain vulnerable ...