Business

Late Wednesday, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) cautioned about a recently found vulnerability in hybrid Microsoft Exchange. This defect could allow attackers to move from the on-premises edition of the program to its cloud equivalent, so maybe seize whole system control. Identified as CVE-2025-53786, this vulnerability could enable an attacker with administrative access to the on-premises Exchange to increase their privileges by exploiting weak hybrid-joined configurations, according to CISA’s alert. Microsoft has not yet seen any indications that hackers are actively exploiting this vulnerability, according to the CISA alert. Preferring to remain anonymous to offer an honest assessment, a CISA employee confirmed that the agency has simi...