Security Daily Digest — 2026-05-16
Microsoft Exchange Zero-Day CVE-2026-42897 Exploited in the Wild — The Hacker News
Microsoft has disclosed a new zero-day vulnerability in on-premises versions of Exchange Server, identified as CVE-2026-42897. The flaw is actively exploited via crafted emails, allowing attackers to execute arbitrary code remotely. It affects multiple versions of Exchange Server, so administrators should apply the mitigations provided by Microsoft without delay. This incident underscores the critical need for prompt patching and monitoring of Exchange environments to prevent unauthorized access and potential data breaches.
Turla APT Transforms Kazuar Backdoor into P2P Botnet — The Hacker News
The Russian state-sponsored hacking group Turla has upgraded its Kazuar backdoor into a modular peer-to-peer (P2P) botnet, enhancing its capabilities for persistent access and data exfiltration. This development allows the APT to maintain a resilient command-and-control infrastructure, complicating detection and mitigation efforts. Security teams should be aware of this evolution in Turla's tactics and implement network monitoring and anomaly detection to identify potential intrusions leveraging this sophisticated backdoor.
CISA Adds Cisco SD-WAN CVE-2026-20182 to Known Exploited Vulnerabilities Catalog — The Hacker News
CISA has added a critical vulnerability, CVE-2026-20182, affecting Cisco SD-WAN to its Known Exploited Vulnerabilities catalog. The flaw allows attackers to gain administrative access, posing significant risk to affected networks. Organizations using Cisco SD-WAN should prioritize applying the available patches and review access controls to mitigate potential exploitation. This inclusion highlights the urgency of addressing vulnerabilities that are actively targeted by threat actors.
- Funnel Builder WordPress plugin bug exploited to steal credit cards [BleepingComputer]
- Popular node-ipc npm package compromised to steal credentials [BleepingComputer]
- TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates [The Hacker News]
- Ransomware Groups Claim Responsibility for Attacks on 3 Healthcare Providers - The HIPAA Journal [Google News Security]
- Critical Cisco Catalyst SD-WAN vulnerability exploited in zero-day attacks (CVE-2026-20182) - 株式会社マキナレコード [Google News Security (JP)]