News Microsoft patches actively exploited Exchange Server zero-day (CVE-2026-42897) June 10, 2026 / June 10, 2026 by Alex Mira | Leave a Comment Microsoft patched an actively exploited Exchange Server zero-day (CVE-2026-42897) that enables XSS against Outlook Web Access users. Admins should install June 2026 updates promptly and keep EEMS mitigations enabled. Read more » CISA KEV CVE-2026-42897 Microsoft Exchange Server Outlook Web Access XSS Zero-day
News Pwn2Own Berlin 2026 day two: Exchange, Windows 11, and AI tooling fall to fresh zero-days May 17, 2026 / May 17, 2026 by Alex Mira | Leave a Comment Pwn2Own Berlin 2026 day two delivered 15 new zero-days—spanning Microsoft Exchange, Windows 11, RHEL Workstations, NVIDIA Container Toolkit, and AI coding agents—triggering $385,750 in awards and setting up a busy patch cycle. Read more » AI security Microsoft Exchange NVIDIA Container Toolkit Pwn2Own Red Hat Enterprise Linux Windows 11 Zero-day
