Microsoft has shared mitigations for CVE-2026-42897 until a permanent patch can be released for affected Exchange Server versions.
Two employee devices were compromised in the attack, and credential material was stolen from OpenAI code repositories.
The zero-day, tracked as CVE-2026-20182, has been exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616.
For AI data centers, where the stakes are the highest and performance constraints are the tightest, security and performance are no longer a zero-sum game.
Many AI-first enterprises have already embraced sovereign architectures for general AI initiatives; cybersecurity—and the SOC—should be next.
Only with the right platform and an agentic, AI-driven defense, will enterprises be able to protect themselves in the agentic era.
From autonomous code generation to decision-making systems that initiate actions without human intervention, the industry is entering a new phase.
Securing national resilience now depends on faster, deeper partnerships with the private sector.
Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice.
RegisterDelve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization.
Register
SecurityWeek’s 2026 Threat Detection & IR Summit will bring together security practitioners from around the world to share war stories on breaches, APT attacks and more.
[May 20, 2026 | Virtual]
SecurityWeek’s CISO Forum 2026 Mid-Year Review is a virtual roundtable to evaluate the year’s most pressing challenges and share critical updates shaping the 2026 security landscape.
[June 10, 2026 | Virtual]
SecurityWeek’s 2026 Cloud Security Summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments.
[July 15, 2026 | Virtual]
SecurityWeek’s CodeSecCon 2026 will bring together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.
[August 19, 2026 | Virtual]
-
Microsoft has shared mitigations for CVE-2026-42897 until a permanent patch can be released for affected Exchange Server versions. (May 15, 2026)
-
The refresh resolves critical-severity use-after-free and other types of bugs in various browser components. (May 15, 2026)
-
The zero-day, tracked as CVE-2026-20182, has been exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616. (May 15, 2026)
-
The vulnerability, tracked as CVE-2026-46300, is similar to the recently disclosed exploits named Dirty Frag and Copy Fail. (May 14, 2026)
-
The second iteration of the German-speaking online crime marketplace had over 22,000 users and more than 100 sellers. (May 11, 2026)
-
A system that thousands of schools and universities use went offline due to a cyberattack, creating chaos as students tried to study for finals. (May 8, 2026)
-
Gavril Sandu, 53, was indicted in 2017, but was arrested and extradited to the United States only in 2026. (May 6, 2026)
-
Deniss Zolotarjovs was directly involved in extortion strategies and in negotiations with victim companies. (May 5, 2026)
