Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address

Tuesday, June 9, 2026 at 08:20 PM UTC·Source: Dark Reading

Updated: Tuesday, June 9, 2026 at 09:00 PM UTC

Executive Summary

"Ghost-Sender" uses Exchange Online or on-premises in hybrid mode with a third-party mail server or spam filter to achieve this level of spoofing.

Analysis

"Ghost-Sender" uses Exchange Online or on-premises in hybrid mode with a third-party mail server or spam filter to achieve this level of spoofing.

Source Attribution

Originally published by Dark Reading on Jun 9, 2026.

Related Threats

LOWVulnerability

Labcorp reaches $35M settlement over American Medical Collection Agency breach

Do you remember the horrific American Medical Collection Agency (Retrieval-Masters Creditors Bureau Inc.) breach in 2019? You can refresh your memory by scrolling through the Related posts below this one, but TL;DR: LabCorp was one of AMCA’s clients that was affected by the breach, and in July 2019, they notified HHS that 10,251,784 patients had... Source

1h agoDataBreaches.net

LOWVulnerability

German Court: Google Liable for AI Summaries

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/german-court-google-liable-for-ai-summaries-image_small-10-a-31955.jpg" align=right hspace=4><b>Court Says Google Is Responsible for Content Generated by Its Machines</b><br>A German court dealt a blow to Google AI-infused search by deciding that the Big Tech firm is liable for defamatory statements in the AI summaries that increa

1h agoBank Info Security

MEDIUMVulnerability

G7 central banks publish report on quantum tech

The G7 Central Bank Quantum Technologies Working Group (QTWG) announces the publication of its report, “Preparing for Quantum Technologies: Key Considerations for Financial Sector Participants.” This document constitutes the first public deliverable of the working group.

1h agoFinextra