Tag: email
-
Webinar: Why traditional email security is no longer enough
Modern phishing, business email compromise, and account takeover attacks increasingly exploit trusted identities and legitimate business workflows, making them harder for traditional email defenses to detect. This webinar explores how behavioral AI can help organizations automate detection and response. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/webinar-why-traditional-email-security-is-no-longer-enough/
-
Fake Interpol Investigation Emails Push Ransomware at Small Businesses Globally
Fake Interpol investigation emails are targeting small businesses with Proton Drive links that deliver ransomware, encrypt files, and route victims to Tox chat. First seen on hackread.com Jump to article: hackread.com/fake-interpol-investigation-emails-ransomware-small-businesses/
-
ARToken: Inside an EvilTokens affiliate panel targeting Microsoft 365
Talos has identified “ARToken,” a phishing-as-a-service platform that targets Microsoft 365. The ARToken panel exposes 80+ API endpoints for device code phishing, Primary Refresh Token persistence, email access, BEC operations, and SharePoint exfiltration. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/artoken-inside-an-eviltokens-affiliate-panel-targeting-microsoft-365/
-
The ARToken phishing panel targets Microsoft 365 accounts
Accounts-payable staff at U.S. companies keep receiving invoice emails that look like they come from vendors they already work with. One landed at a life-sciences company in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/07/01/artoken-phishing-panel-microsoft-365-accounts/
-
RedLine Infostealer Thread Reveals Hidden Maritime Phishing and BEC Infrastructure
A routine threat-feed alert for a RedLine Stealer command-and-control (C2) IP morphed into a full-scale pivot investigation that exposed a tailored maritime spear”‘phishing and business email compromise (BEC) ecosystem. The starting signal a UniqueSignal entry from VMRay identified 194[.]156.79.122:55615 as a RedLine-associated host. That solitary indicator, combined with targeted forensic pivots across VirusTotal, FOFA, Censys…
-
Hackers Use Fake FIFA World Cup 2026 T-Shirt Offers to Spread Voidrift Malware
A fake FIFA World Cup 2026 T-shirt giveaway scam is spreading Voidrift malware through personalized emails using company logos and trusted websites to bypass security filters. First seen on hackread.com Jump to article: hackread.com/hackers-fake-fifa-world-cup-2026-t-shirt-voidrift-malware/
-
Japanese Telecom Giant Says Breach May Expose 14.2 Million Email Accounts
KDDI says a breach may have exposed email addresses and passwords for up to 14.2 million ISP accounts across six providers. The post Japanese Telecom Giant Says Breach May Expose 14.2 Million Email Accounts appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-kddi-breach-isp-email-accounts-apac-japan/
-
Lessons from the Underground: How to Combat Business Email Compromise
Business Email Compromise is more than an email scam. It’s a coordinated operation involving compromised accounts, financial research, and cash-out networks. Flare explores how underground forums reveal how BEC attacks are planned and executed. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/lessons-from-the-underground-how-to-combat-business-email-compromise/
-
Hackers Leverage Blockchain to Hit Japan’s Hotels Through Booking.com Phishing
A wave of phishing emails sent to Booking.com partner accommodations in Japan in May led to blockchain-hosted malware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-blockchain-japan-hotels/
-
Japan Hotel Industry Targeted With TONResolver RAT and Guest Complaint Phishing Emails
Japan’s hotel sector is the latest target of a sophisticated phishing and remote-access trojan (RAT) campaign that leverages guest-complaint lures and an unusual resilience mechanism: a TON blockchainbased dead-drop resolver. Beginning in late May 2026, attackers sent highly targeted emails to Booking.com partner properties in Japan with subject lines such as “é‡è¦ï¼šã‚²ã‚¹ãƒˆæ»žåœ¨ãƒ¬ãƒ“ューä¾é ¼” (Important: Guest Stay…
-
KDDI Data Breach May Expose 14.2 Million Email Accounts
KDDI disclosed a breach that may have exposed up to 14.2 million email accounts after attackers exploited a third-party software vulnerability. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/kddi-data-breach-may-expose-14-2-million-email-accounts/
-
Webinar: Why business email compromise attacks keep succeeding
Business email compromise attacks increasingly rely on convincing impersonation rather than malware, making them harder for employees and traditional email defenses to detect. This webinar explores how behavioral AI can help identify sophisticated email threats and automate response workflows. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/webinar-why-business-email-compromise-attacks-keep-succeeding/
-
KDDI Data Breach Impacts up to 14.2 Million Email Accounts at Six ISPs
KDDI Corporation disclosed a breach affecting up to 14.2 million email accounts after attackers exploited a vulnerability in third-party software. KDDI Corporation disclosed a data breach that exposed up to 14.2 million email accounts across six Japanese internet service providers. KDDI Corporation is one of Japan’s largest telecommunications companies. It employs more than 60,000 people…
-
Security Affairs newsletter Round 583 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. New FBI Alert: Russian Intelligence Uses Signal Recovery Keys to Access Messages Hospitality Sector Hit by…
-
Data breach exposes up to 14.2 million email logins at six ISPs
Japanese telecommunications operator KDDI Corporation disclosed a data breach where threat actors gained access to one of its email systems used by five other internet service providers (ISPs) in the country. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/data-breach-exposes-up-to-142-million-email-logins-at-six-isps/
-
Hospitality Sector Hit by Phishing Campaign Using Fake Guest Complaint Emails
Microsoft warns of a phishing campaign targeting the hospitality sector with fake guest emails that install TonRAT using resilient persistence. Microsoft Threat Intelligence published a detailed analysis on an ongoing hacking campaign against hospitality organizations that has been running since April 2026. The targets are specific: device names observed across compromised environments include strings like…
-
Russia accuses Apple of ‘political censorship’ after VK apps removed from App Store
Apple removed VK’s flagship social network VKontakte, often described as Russia’s equivalent of Facebook, along with VK Music, VK Messenger, VK Video, Odnoklassniki and Mail.ru services, including its email application. First seen on therecord.media Jump to article: therecord.media/russia-accuses-apple-of-political-censorship-after-vk-removal
-
Synology issues critical fix for MailPlus Server vulnerabilities
Synology has has fixed critical vulnerabilities in MailPlus Server, a software package used to run private email infrastructure on Synology NAS devices. The security update … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/26/synology-mailplus-server-vulnerabilities/
-
Poland busts SIM-swapping gang tied to millions in crypto theft
Authorities in Poland have arrested four members of an organized cybercrime group accused of breaching telecommunications partners and hijacking email accounts to carry out SIM-swapping attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/poland-busts-sim-swapping-gang-tied-to-millions-in-crypto-theft/
-
LLM security advice looks solid until you check the hard cases
Plenty of people now type their security worries straight into a chatbot. A hacked account, a suspicious email, a stalker who might be tracking a phone, all of it lands in the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/25/helpbench-llm-security-advice/
-
Hackers Abuse Cloudflare-Hosted AWS Phishing Domains to Steal Console Logins
A concise but sophisticated phishing campaign that targeted AWS console users by abusing Cloudflare-hosted domains to deliver adversary-in-the-middle (AiTM) credential theft. Each domain served an almost identical clone of the AWS console sign-in page and implemented a server-driven flow that dynamically branched into email, SMS, or authenticator-app MFA challenges, enabling real-time capture of second factors.…
-
ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories
It’s dumb out there again.This week has the usual smell of prod on fire and nobody wanting to admit who left the door open, old creds still working, trusted apps doing sketchy crap, browser tricks jumping the fence, and “normal” workflows turning into phishing pipes because apparently email was not enough hell already.The worst part…
-
Integrated Email Protection – Barracuda stärkt E-Mail-Schutz für MSP mit KI
First seen on security-insider.de Jump to article: www.security-insider.de/barracuda-staerkt-e-mail-schutz-fuer-msps-mit-ki-a-4b9f96cba72b1859b44577ed4249d09f/
-
AI-Powered Phishing Attacks Surge 1,380% as Criminal Platforms Render MFA Obsolete
Imagine completing a two-factor authentication check on a real Microsoft login page and still handing a criminal full access to your email account. That is not a hypothetical. According to new research published this week by cybersecurity company Huntress, it happened across hundreds of organisations in the first four months of 2026 and the victims…
-
KnowBe4 awarded in the email security industry
KnowBe4, the human risk management platform, today announced it has been awarded ‘2026 Global Customer Value Leadership’ in the email security industry as part of Frost & Sullivan’s Best Practices recognition. Best Practices awards companies for their superior leadership and innovation. Frost & Sullivan recognised KnowBe4 for: Its continued protection of the human element of…
-
KDDI Breach Affects Six Japanese ISPs, Exposes 14.2 Email Credentials
Customers of the affected Japanese email services are “strongly advised” to change their email passwords First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/kddi-breach-japanese-telcos/
-
KDDI Data Breach May Have Exposed Up to 14.22 Million Email Accounts
Japanese telecommunications company KDDI has disclosed a major cybersecurity incident in which up to 14.22 million email addresses and passwords may have been exposed through systems used by multiple internet service providers. The KDDI data breach has now become one of the most recent security events involving shared ISP infrastructure in Japan. First seen on…
-
Your AI agent can’t be authenticated by a password reset email
First seen on scworld.com Jump to article: www.scworld.com/perspective/your-ai-agent-cant-be-authenticated-by-a-password-reset-email
-
Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents
Security firm AIR built a fake AI agent skill, pushed it through a popular skill marketplace and an Instagram ad, and says it reached roughly 26,000 agents, including some on corporate accounts.Every skill security scanner the firm tested it against marked it safe. The payload was harmless by design: it collected the user’s email address…

