AI 요약
A zero-day vulnerability, CVE-2026-42897, in Microsoft Exchange allows attackers to exploit cross-site scripting in Outlook Web Access to compromise mailboxes. No patch is currently available, posing active risk to organizations.
Technical dark reading · 2026. 5. 18.
Microsoft Exchange Zero-Day Under Attack, No Patch Available
이것은 인덱싱과 인용을 위해 구축된 독립적인 인텔리전스 상세 페이지로, 요약, 연결된 도메인, 다음 검증 경로가 한 곳에 있습니다.
빠른 답변
A zero-day vulnerability, CVE-2026-42897, in Microsoft Exchange allows attackers to exploit cross-site scripting in Outlook Web Access to compromise mailboxes. No patch is currently available, posing active risk to organizations.
공개된 연결 도메인이 나열되지 않음
공개된 사기 태그가 나열되지 않음
인텔리전스 등급 actionable
dark reading
출처
HIGH
중요도
0
관련 도메인
0
관련 주소
이 인텔리전스를 행동으로 전환
귀하의 사례가 이 기사와 유사하다면 웹사이트, 이메일, 채팅 또는 지갑 증거를 다음으로 확인하세요
관련 인텔리전스 세부사항
이것이 단일 사건인지 더 큰 캠페인의 일부인지 판단하기 위해 유사 사건을 계속 확인하세요
Technical
Microsoft disrupts Fox Tempest malware-signing-as-a-service platform tied to ransomware gangs
Microsoft disrupted Fox Tempest, a malware-signing-as-a-service platform operating since May 2025, used by ransomware gangs to evade detection. The action was confirmed through a U.S. District Court legal filing.
Technical
New Shai-Hulud malware wave compromises 600 npm packages
A new wave of the Shai-Hulud supply-chain attack has compromised over 600 npm packages, distributing malware through popular Node.js dependencies. The campaign targets developers to propagate malicious code, posing significant risks to software integrity and security.
Technical
7-Eleven confirms data breach claimed by the ShinyHunters gang
7-Eleven confirmed a data breach following a cyberattack claimed by the ShinyHunters extortion group. The incident involved unauthorized access to its systems, potentially exposing customer and corporate data. No ransom amount or specific data types were disclosed.