Breaking News – Cyber Threats (last 6h)
Generated: 2026-05-15 03:00 PDT
- Microsoft warns of Exchange zero-day flaw exploited in attacks
BleepingComputer • 2026-05-15 02:40 • www.bleepingcomputer.com
On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while targeting Outlook on the web users. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-of-exchange-zero-day-flaw-exploited-in-attacks/ - [Guest Diary] New Malware Libraries means New Signatures, (Fri, May 15th)
SANS ISC Diary (full) • 2026-05-14 23:38 • isc.sans.edu

 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;};;
https://isc.sans.edu/diary/rss/32986 - On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
The Hacker News • 2026-05-14 23:19 • thehackernews.com
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2026-42897 (CVSS score: 8.1), has been described as a spoofing bug stemming from a cross-site scripting flaw. An anonymous researcher has been credited with discovering and reporting the issue.
“
https://thehackernews.com/2026/05/on-prem-microsoft-exchange-server-cve.html - CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
The Hacker News • 2026-05-14 22:28 • thehackernews.com
The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by May 17, 2026.
The vulnerability is a critical authentication bypass tracked as CVE-2026-20182. It’s
https://thehackernews.com/2026/05/cisa-adds-cisco-sd-wan-cve-2026-20182.html - ISC Stormcast For Friday, May 15th, 2026 https://isc.sans.edu/podcastdetail/9934, (Fri, May 15th)
SANS ISC Diary (full) • 2026-05-14 21:10 • isc.sans.edu
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
https://isc.sans.edu/diary/rss/32992
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
