Exchange Server

Microsoft has issued a warning about a high-severity vulnerability in hybrid Microsoft Exchange Server deployments.

Tracked as CVE-2025-53786, the vulnerability could allow for privilege escalation by cyber threat actors with administrative access to an on-premise Microsoft Exchange server. Although there is not currently any indication of active exploitation, the issue is considered extremely serious and requires immediate attention.

Late last week, Microsoft confirmed the existence of two actively exploited zero-day vulnerabilities in Exchange Server. Tracked as CVE-2022-41082 and CVE-2022-41040, both security flaws are worrying as they are known to be actively exploited.

While it works on a fix, Microsoft offered up instructions to mitigate the vulnerabilities. But it turns out that it is incredibly easy to bypass, with security experts warning that the method used is too specific, rendering it ineffective.

Cybersecurity company ESET has released new research into FamousSparrow, a cyberespionage group attacking hotels worldwide, as well as governments, international organizations, engineering companies and law firms.

The Advanced Persistent Threat (APT) group FamousSparrow has been exploiting the Microsoft Exchange vulnerability known as ProxyLogon, which allows hackers to take control of Exchange servers.

In early March, Microsoft disclosed that Chinese hackers had exploited software vulnerabilities in Microsoft Exchange on-premises servers to gain access to the email accounts of thousands of Microsoft customers.

While these companies are now laser-focused on deploying patches and other security measures to remediate the vulnerabilities in their email software, Josh Douglas, VP of product management -- threat intelligence at Mimecast, believes these technical fixes will only go so far.