Microsoft warns of Exchange zero-day flaw exploited in attacks

On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow ...
CSO Online

Exchange Server zero-day vulnerability can be triggered by opening a malicious email

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to ...

Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens ...
InfoQ

TanStack Details Sophisticated npm Supply Chain Attack That Compromised 42 Packages

TanStack has released a detailed postmortem describing a sophisticated supply-chain attack that compromised 42 npm packages ...
Morning Overview on MSN

An 18-year-old flaw in NGINX just gave attackers remote code execution on millions of web servers — nobody noticed for two decades

For roughly 18 years, a chunk of code inside one of the internet’s most popular web servers quietly carried a critical ...