Microsoft Exchange zero-day exploited in active attacks
High-severity vulnerability enables arbitrary code execution through cross-site scripting targeting Outlook on the web users. Mitigations released Thursday.
Microsoft disclosed a high-severity Exchange Server vulnerability actively exploited in the wild. The flaw permits threat actors to execute arbitrary code via cross-site scripting when targeting users of Outlook on the web.
The company released mitigations Thursday but has not yet issued a patch. The vulnerability's exploitation in live attacks elevates urgency for organizations running Exchange Server environments. Cross-site scripting attacks typically allow adversaries to inject malicious scripts into web applications, compromising user sessions and data.
Microsoft's advisory provides interim protections while a full security update remains in development. Organizations dependent on Exchange Server for email infrastructure face immediate exposure until patches deploy.
- 01Exchange Server administrators must apply Microsoft's interim mitigations immediately to reduce attack surface.
- 02Organizations using Outlook on the web face elevated risk of session compromise and data exfiltration.
- 03Threat intelligence teams should monitor for exploitation indicators and adjust detection rules accordingly.
Ransomware attack executed entirely by AI agent, researchers report
JadePuffer operation marks what may be the first documented case of a fully autonomous LLM-driven ransomware deployment from reconnaissance to encryption.
Agentic AI Executes Multi-Stage Ransomware Attack via Langflow
Demonstration shows large language model agents autonomously combining exploitation techniques with real-time reasoning to conduct complex intrusions without human intervention.
FortiBleed Attackers Monetize Firewall Access Through Ransomware Partnerships
Actors who compromised thousands of Fortinet devices are now collaborating with Inc and Lynx ransomware groups, adding Nextcloud exploitation to their toolkit.