CSO Online

FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses

Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.
CSO Online

Exchange Server zero-day vulnerability can be triggered by opening a malicious email

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to ...
The Caledonian-Record

Defesio LLC CEO Believes That Health Care Organizations And Clinics Not Using Quantum Resistant Email May Not Be Technically HIPAA Compliant Anymore.

GRANITE BAY, CA / ACCESS Newswire / May 21, 2026 / HIPAA also requires healthcare providers and organizations to implement specific administrative, physical, and technical safeguards to secure electro ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
The Hacker News

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come ...
The Caledonian-Record

Proofpoint Integrates with the Claude Compliance API to Extend Data Security and Governance to ...

Organizations gain unified visibility across AI prompts, responses, files, activity logs, and workflows.Customers can extend existing data loss, behavioral risk, and supervision controls into Claude w ...

Microsoft Confirms Active 0-Day Exploit—Check Emergency Mitigation

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.
The Register-Herald

Ex-prosecutor charged with sending to herself copy of Smith report on Trump classified files probe

A former federal prosecutor is facing federal charges over allegations that she sent a report detailing Jack Smith’s ...
Tech Times

Exchange Server OWA Zero-Day CVE-2026-42897 Exploited With No Permanent Patch and New Mitigation Gaps

Microsoft confirmed on May 14 that CVE-2026-42897 — a cross-site scripting flaw in the Outlook Web Access component of Exchange Server 2016, 2019, and Subscription Edition — is under active ...

What's a coding course for in the age of AI? Maybe not learning to write it

Now, it's an open question: Is there still a value in learning how to code?