Exchange Online Archives • Daily CyberSecurity

CVE-2025-53786: Microsoft Exchange Hybrid Deployments Expose Cloud Privilege Escalation Risk CVE-2025-53786) Exchange Hybrid Vulnerability, Privilege Escalation

CVE-2025-53786) Exchange Hybrid Vulnerability, Privilege Escalation

CVE-2025-53786: Microsoft Exchange Hybrid Deployments Expose Cloud Privilege Escalation Risk

Do Son August 7, 2025

Yesterday, Microsoft issued a critical security advisory addressing a newly identified vulnerability—CVE-2025-53786—in hybrid Microsoft Exchange environments. The...

Hijacking the Cloud: How a Misconfigured App Can Become a Global Admin in Entra ID Entra ID Impersonation, Privilege Escalation

Hijacking the Cloud: How a Misconfigured App Can Become a Global Admin in Entra ID

Do Son July 18, 2025

In a comprehensive and technically expose, Datadog Security Labs has unveiled a privilege escalation method that allows...

Microsoft 365 “Direct Send” Abused: Phishing Campaign Spoofs Internal Users, Bypasses Security

Do Son June 28, 2025

Varonis’ Managed Data Detection and Response (MDDR) Forensics team has uncovered a stealthy and widespread phishing campaign...

Microsoft Boosts Email Security with General Availability of Inbound SMTP DANE with DNSSEC

Do Son October 30, 2024

Microsoft announced the general availability of Inbound SMTP DANE with DNSSEC for Exchange Online, marking a significant...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

Exchange Online

CVE-2025-53786: Microsoft Exchange Hybrid Deployments Expose Cloud Privilege Escalation Risk

Hijacking the Cloud: How a Misconfigured App Can Become a Global Admin in Entra ID

Microsoft 365 “Direct Send” Abused: Phishing Campaign Spoofs Internal Users, Bypasses Security

Microsoft Boosts Email Security with General Availability of Inbound SMTP DANE with DNSSEC