Black & White Path

Jun 11, 2026 · Information Security

Why the Ghost‑Sender Attack on Microsoft Exchange Is Being Widely Exploited

The Ghost‑Sender flaw lets attackers bypass SPF, DKIM and DMARC by sending spoofed mail directly to Exchange Online's public SMTP endpoint, affecting over half of organizations that use an external mail gateway, and can be mitigated with connector or transport‑rule configurations.