Trending cybersecurity stories from authoritative sources, grouped
by category. Only stories from the last 72 hours
that meet at least one trending signal: multi-source corroboration,
actively exploited, Saudi/GCC mention, or CVSS ≥ 9. Updated every
4 hours.
On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while targeting Outlook on the web users. [...]
A story is surfaced only if (a) its publishedAt is
within the last 72 hours AND (b) it meets at least one
trending signal:
Multi-source corroboration — covered by ≥ 2 sources in the same window.
Actively exploited — CISA KEV match or active-exploit language.
Saudi / GCC — explicit regional mention.
Critical CVSS — CVSS ≥ 9.0 in the disclosure.
Stories that match are bucketed into six mutually-exclusive categories
(precedence as listed above). Each category surfaces up to 3 stories.
The full algorithm is at
ADR-008;
the source allowlist is at
data/cyber-brief/sources.json.