Microsoft and the feds late Wednesday sounded the alarm on another high-severity bug in Exchange Server hybrid deployments that could allow attackers to escalate privileges from on-premises Exchange to the cloud. While this latest security flaw, tracked as CVE-2025-53786, isn’t under attack (yet), Microsoft deems “exploitation more likely,” and the US Cybersecurity and Infrastructure Security Agency (CISA) warned that the …
Read More »Microsoft Exchange bug can allow ‘total domain compromise’ • The Register
