CSO Online

Exchange Server zero-day vulnerability can be triggered by opening a malicious email

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to ...

Microsoft Exchange: Zero-day vulnerability is being attacked

A zero-day vulnerability exists in Microsoft Exchange, which attackers are already exploiting. Admins should act quickly.
theregister

Exploited Exchange Server flaw turns OWA inboxes into script launchpads

Microsoft has confirmed a vulnerability in on-premises Exchange Server that could result in surprise script execution in victims' browsers. Tracked as CVE-2026-42897, the flaw affects Outlook Web ...