Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

3 headlines in this view

Showing 3 most recent headlines Filtered view

Dark Reading 2 weeks, 2 days ago

Microsoft Exchange Zero-Day Under Attack, No Patch Available

CVE-2026-42897 stems from a cross-site scripting (XSS) vulnerability and can allow an attacker to compromise Outlook Web Access (OWA) mailboxes.

More from Dark Reading 19 May 2026, 9:43 a.m. Incident · 4 stories Actively exploited CVE-2026-42897 0-Day CVE Compromise Microsoft Patch Vulnerability XSS

Bleeping Computer 2 weeks, 5 days ago

Microsoft warns of Exchange zero-day flaw exploited in attacks

On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while targeting Outlook on the web users. [...]

More from Bleeping Computer 15 May 2026, 9:40 p.m. Incident · 4 stories 0-Day Exchange Server Flaw Microsoft Mitigation Threat Actor Vulnerability Warning XSS

The Hacker News 2 weeks, 5 days ago

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild

More from The Hacker News 15 May 2026, 6:19 p.m. Incident · 4 stories Actively exploited CVE-2026-42897 CVE Disclosure Email Exchange Server Flaw Microsoft Spoofing Vulnerability XSS

Latest cybersecurity reporting from selected sources.

Refine the feed

Volume over time

Fresh headlines available

Microsoft Exchange Zero-Day Under Attack, No Patch Available

Microsoft warns of Exchange zero-day flaw exploited in attacks

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email