If an attacker gets admin control over the on-premises Exchange server, they can forge authentication tokens or make API ...

Microsoft has urged its customers to be on high alert after discovering a dangerous vulnerability in hybrid Exchange ...

Three Microsoft products were said to be affected: SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Server 2016. SharePoint Online (Microsoft 365) is not affected.

Over 29,000 Microsoft Exchange servers remain unpatched against a vulnerability that could allow attackers to seize control ...

Microsoft sounded the alarm on a hybrid Exchange bug in early August 2025 However almost 30,000 instances remain vulnerable ...

Microsoft fixed 111 vulnerabilities, including a Windows Kerberos zero-day enabling full AD compromise via BadSuccessor.

Today is Microsoft's August 2025 Patch Tuesday, which includes security updates for 107 flaws, including one publicly ...

The researchers at Aim Security dubbed the flaw “EchoLeak.” Microsoft told Fortune that it has already fixed the issue in Microsoft 365 Copilot and that its customers were unaffected.

Parts of the federal enterprise are likely susceptible to the flaw that allows hackers to hijack on-premises versions of ...

Microsoft has pointed the finger at three Chinese nation-state actors for exploiting the SharePoint vulnerabilities. Here's what we know about the security flaws and how to guard against future ...

July 21 (UPI) -- An investigation is underway after hackers used a security flaw in Microsoft software to internationally infiltrate agencies and businesses over the weekend.

Microsoft confirms Chinese hackers exploited a SharePoint flaw; Patches now available. Cloud-based Microsoft 365 not affected ...