Security news aggregator

Latest coverage for Exchange Server

Stay updated on Exchange Server security with the latest news, updates, and expert insights into protecting your email communications effectively.

123 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Exchange Server is a mail server and calendaring server developed by Microsoft. It provides email, calendar and contacts on a networked platform, facilitating communication and scheduling for businesses and organizations.

In the context of information security, Exchange Server is crucial as it often handles sensitive information and proprietary business communications. Security measures are essential to protect against unauthorized access, data breaches, and various forms of cyber threats such as phishing attacks, malware distribution, and exploitation of vulnerabilities within the server's architecture. Managing and securing an Exchange Server involves implementing strong authentication protocols, ensuring timely updates and patches, and monitoring for suspicious activities to maintain the confidentiality, integrity, and availability of the data it processes and stores.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 123 Filtered view

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-9082 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. Drupal issued a highly critical security patch on May […]

More from Security Affairs 24 May 2026, 7:54 p.m. Incident · 2 stories Actively exploited CVE-2026-9082 America CISA CVE Critical Exchange Server Flaw Microsoft Patch Vulnerability

On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while targeting Outlook on the web users. [...]

More from Bleeping Computer 15 May 2026, 9:40 p.m. Incident · 4 stories 0-Day Exchange Server Flaw Microsoft Mitigation Threat Actor Vulnerability Warning XSS

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), along with international partners from Australia and Canada, have released guidance to harden on-premise Microsoft Exchange Server instances from potential exploitation

More from The Hacker News 31 Oct 2025, 9:46 p.m. America Australia Authentication CISA Canada Exchange Server MFA Microsoft NSA

US Cyber Defense Agency Releases Best Practices to Harden Exchange EnvironmentsU.S. cyber defense officials and their international partners issued a new blueprint for mitigating Microsoft Exchange vulnerabilities on Thursday as governments worldwide continue to grapple with persistent intrusion campaigns targeting on-premises Microsoft Exchange servers in hybrid environments.

More from Bank Info Security 31 Oct 2025, 11:30 a.m. America CISA Exchange Server Exploit Microsoft Vulnerability

Cybersecurity researchers have shed light on a previously undocumented threat actor called NightEagle (aka APT-Q-95) that has been observed targeting Microsoft Exchange servers as a part of a zero-day exploit chain designed to target government, defense, and technology sectors in China

More from The Hacker News 5 Jul 2025, 12:59 a.m. 0-Day Advanced Persistent Threat China Critical Infrastructure Exchange Server Exploit Flaw Government Microsoft Military Research Threat Actor