Spectra Networks

Spectra Networks

Share

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email 07/09/2026

𝐈𝐧 𝐌𝐚𝐲 𝟐𝟎𝟐𝟔, 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐜𝐨𝐧𝐟𝐢𝐫𝐦𝐞𝐝 𝐭𝐡𝐚𝐭 𝐡𝐚𝐜𝐤𝐞𝐫𝐬 𝐚𝐫𝐞 𝐚𝐜𝐭𝐢𝐯𝐞𝐥𝐲 𝐛𝐫𝐞𝐚𝐤𝐢𝐧𝐠 𝐢𝐧𝐭𝐨 𝐨𝐧-𝐩𝐫𝐞𝐦𝐢𝐬𝐞 𝐄𝐱𝐜𝐡𝐚𝐧𝐠𝐞 𝐬𝐞𝐫𝐯𝐞𝐫𝐬 𝐮𝐬𝐢𝐧𝐠 𝐚 𝐟𝐥𝐚𝐰 𝐜𝐚𝐥𝐥𝐞𝐝 𝐂𝐕𝐄-𝟐𝟎𝟐𝟔-𝟒𝟐𝟖𝟗𝟕.

The attack is simple. A hacker sends a normal-looking email to someone on your team. They open it in the browser version of Outlook. Hidden code in the email runs. The hacker is now inside your network. Your employee doesn't have to click anything.

Just reading the email is enough.

It hits Exchange 2016, 2019, and Subscription Edition. The cloud version (Exchange Online in Microsoft 365) is safe. CISA gave federal agencies until May 29, 2026 to patch this, which tells you how serious it is.

If you don't know whether your business runs Exchange on a server in your office or in Microsoft's cloud, ask your IT person today. If the answer is on-prem, install Microsoft's May 2026 update and turn on Exchange Emergency Mitigation Service (EMS) until the update is fully done. If you've been putting off the move to the cloud, this is your reason to do it now.

Your email server is the front door to your business. Right now, thousands of them are unlocked. 🔓
https://thehackernews.com/2026/05/on-prem-microsoft-exchange-server-cve.html

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email CVE-2026-42897 is exploited in on-prem Exchange; crafted emails enable spoofing, forcing urgent mitigation.

07/06/2026

🚨 Saving passwords in Chrome is one of the 𝐫𝐢𝐬𝐤𝐢𝐞𝐬𝐭 habits you could have today.

Chrome stores them in a way that's easy to steal. Anyone who gets onto your computer can pull every saved login in seconds. Malware called infostealers (names like Redline, Lumma, and Vidar) does exactly that. Once it's on a machine, it copies every saved password and sells them online within hours.

The fix takes about 10 minutes. Sign up for a real password manager. 1Password, Bitwarden, and Dashlane all work, and Bitwarden has a free tier that's actually good. Use the built-in import tool to bring in your saved Chrome passwords. Then go into Chrome's settings (Settings > Autofill > Password Manager), 𝐝𝐞𝐥𝐞𝐭𝐞 𝐞𝐯𝐞𝐫𝐲 𝐬𝐚𝐯𝐞𝐝 𝐩𝐚𝐬𝐬𝐰𝐨𝐫𝐝, and turn off "Offer to save passwords."

A real password manager costs around $3 a month per user. Chrome's free one could cost you your business.

Want your business to be the top-listed Computer & Electronics Service in Peabody?
Click here to claim your Sponsored Listing.

Telephone

Address


58 Pulaski Street #B4-7
Peabody, MA
01960

Opening Hours

Monday 8am - 6pm
Tuesday 8am - 6pm
Wednesday 8am - 6pm
Thursday 8am - 6pm
Friday 8am - 6pm