CSO Online

FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses

Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.
CSO Online

Exchange Server zero-day vulnerability can be triggered by opening a malicious email

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to ...
Gwinnett Daily PostOpinion

THOMAS: Being wrong means never having to say ‘sorry’

I was born in Washington, D.C., at the end of 1942. Growing up in the suburbs there was so little crime it made the front ...
The Hacker News

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come ...
The Bismarck Tribune

Failed cyber attack leads to roughly 25,000 North Dakotans receiving email from NDIT

A failed cyberattack resulted in North Dakota's Information Technology Department unintentionally sending an email ...
The Caledonian-Record

Egnyte Targets Data Fragmentation with Automated Email and Content Governance

Egnyte, a leader in secure content collaboration, intelligence, and governance, today announced a new set of capabilities designed to consolidate fragmented ...
techtimes

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

An unpatched SQL injection vulnerability in the Ghost content management system has been weaponized in an active, large-scale cyberattack that has compromised more than 700 websites worldwide — ...

Microsoft Confirms Active 0-Day Exploit—Check Emergency Mitigation

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.
Tech Times

Exchange Server OWA Zero-Day CVE-2026-42897 Exploited With No Permanent Patch and New Mitigation Gaps

Microsoft confirmed on May 14 that CVE-2026-42897 — a cross-site scripting flaw in the Outlook Web Access component of Exchange Server 2016, 2019, and Subscription Edition — is under active ...
The Caledonian-Record

Defesio LLC CEO Believes That Health Care Organizations And Clinics Not Using Quantum Resistant Email May Not Be Technically HIPAA Compliant Anymore.

GRANITE BAY, CA / ACCESS Newswire / May 21, 2026 / HIPAA also requires healthcare providers and organizations to implement specific administrative, physical, and technical safeguards to secure electro ...