The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring all Federal Civilian Executive Branch agencies to mitigate a newly disclosed vulnerability in Microsoft Exchange, tracked as CVE-2025-53786. This flaw, which affects Exchange Server 2016, 2019, and the Subscription Edition in hybrid-joined environments, allows attackers with administrative access to an on-premises Exchange server to move laterally into connected Microsoft 365 cloud environments. Though no in-the-wild exploitation has been observed, CISA mandates urgent action by 9:00 AM EDT on Monday, August 11, 2025, to prevent potential domain-wide compromise.

The vulnerability is especially dangerous because Exchange Server and Exchange Online have historically used a shared service principal in Entra ID, which lacks easily auditable trails and can be exploited for stealthy privilege escalation. Microsoft, under its Secure Future Initiative, began separating these identities in April 2025, introducing Hotfix Updates (HUs) to support a new dedicated hybrid application model. Microsoft has rated the risk of exploitation as "more likely," and researchers emphasize that continued use of the shared principal significantly increases exposure to cloud compromise in hybrid deployments.

CISA recommends immediate patching and transitioning to the dedicated hybrid application using Microsoft’s Configure Exchange Hybrid Application script. Agencies must run the Exchange Server Health Checker, apply the latest cumulative updates and April 2025 HUs, validate configurations, and disconnect unsupported or end-of-life servers. For agencies no longer operating hybrid Exchange, credential resets and clean-up steps are advised. Full status reports are due to CISA by 5:00 PM EDT on August 11, with further technical support and compliance tracking through December 2025.