Microsoft fixes Exchange Online bug flagging Gmail emails as spam
Microsoft has resolved an issue with a machine learning model that mistakenly flagged emails from Gmail accounts as spam in Exchange Online. Tracked as EX1064599 in the Microsoft 365 admin center, the issue started impacting users on April 25 at 09:24 UTC, automatically moving emails erroneously tagged as malicious to the junk folder. “We’ve identified that our […]
Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts
Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of employees of organizations related to Ukraine and human rights. The adversary is impersonating officials from European countries and contact targets through WhatsApp and Signal messaging platforms. The purpose is to convince potential victims to provide Microsoft authorization codes that […]
Microsoft fixes machine learning bug flagging Adobe emails as spam
Microsoft says it mitigated a known issue in one of its machine learning (ML) models that mistakenly flagged Adobe emails in Exchange Online as spam. As the company revealed in an advisory on the Microsoft 365 admin center tagged as EX1061430, users had issues accessing alerts for Adobe URLs starting April 22 at 09:24 UTC while […]
Active! Mail RCE flaw exploited in attacks on Japanese orgs
An Active! Mail zero-day remote code execution vulnerability is actively exploited in attacks on large organizations in Japan. Active! mail is a web-based email client developed initially by TransWARE and later acquired by Qualitia, both Japanese companies. While it’s not widely used worldwide like Gmail or Outlook, Active! is often used as a groupware component […]
Google rolls out easy end-to-end encryption for Gmail business users
Google has started rolling out a new end-to-end encryption (E2EE) model for Gmail enterprise users, making it easier to send encrypted emails to any recipient. While businesses also have the option to configure the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol to send digitally signed and encrypted messages, this requires significant resources, including deploying certificates to […]
Microsoft fixes button that restores classic Outlook client
Two weeks ago, Microsoft said it was investigating an issue causing the new Outlook email client to crash when users clicked a button that should’ve helped them switch back to classic Outlook. The company now says this bug has been fixed, and clicking the “Go to classic Outlook” button will no longer crash New Outlook […]
Microsoft: Exchange Online bug mistakenly quarantines user emails
Microsoft is investigating an Exchange Online bug causing anti-spam systems to mistakenly quarantine some users’ emails. According to a new incident report added to the Microsoft 365 Admin Center, the email issues started almost five hours ago, at 10:11 UTC. While the company has yet to share what regions are impacted, this Exchange Online incident has been tagged as a critical […]
Week-long Exchange Online outage causes email failures, delays
Microsoft says it partially mitigated a week-long Exchange Online outage causing delays or failures when sending or receiving email messages. While the company didn’t publicly share information on this incident, it tagged it as a critical service issue tracked under EX1027675 on the Microsoft 365 Admin Center. Microsoft has yet to share more information on what regions […]
Microsoft fixes Outlook drag-and-drop broken by Windows updates
Microsoft has fixed a known issue that broke email and calendar drag-and-drop in classic Outlook after installing recent updates on Windows 24H2 systems. According to Redmond, the updates that trigger these problems are the KB5050094 January 2025 preview cumulative update and the KB5051987 February 2025 security update. “After installing the January 2025 Windows non-security preview update and subsequent updates […]
Orange Group confirms breach after hacker leaks company documents
A hacker claims to have stolen thousands of internal documents with user records and employee data after breaching the systems of Orange Group, a leading French telecommunications operator and digital service provider. The threat actor published on a hacker forum details about the stolen data after trying to extort the company unsuccessfully. Orange confirmed the […]