Tag: email
-
Expired domain leads to supply chain attack on node-ipc npm package
require(‘node-ipc’). The trojanized versions were designed to remain fully functional to avoid immediate detection, which together with other decisions attackers took, such as data exfiltration via DNS TXT, suggest stealthiness was a top priority.Once executed, the malicious code collects information about the host system, including operating system version, hostname, and environment variables. It then starts…
-
Exchange Server zero-day vulnerability can be triggered by opening a malicious email
Tags: automation, data, email, malicious, microsoft, mitigation, risk, service, tactics, update, vulnerability, zero-dayKnown issues with mitigation tactics: However, admins should note there are known issues once the mitigation is applied either manually or automatically through the EM Service.OWA Print Calendar functionality might not work. As a workaround, copy the data or screenshot the calendar you want to print, or use Outlook Desktop client. Inline images might not…
-
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild.The vulnerability, tracked as CVE-2026-42897 (CVSS score: 8.1), has been described as a spoofing bug stemming from a cross-site scripting flaw. An anonymous researcher has been credited with discovering and reporting the…
-
Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight
Cargo theft now starts with phishing emails and stolen credentials, not hijackings, to reroute and steal freight from supply chains. NMFTA outlines how cyber-enabled cargo crime is changing transportation security. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cyber-enabled-cargo-crime-how-cybercrime-tradecraft-is-used-to-steal-freight/
-
FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses
Tags: attack, authentication, business, cloud, communications, control, credentials, defense, detection, email, framework, government, infrastructure, login, malicious, malware, mfa, microsoft, phishing, service, theftThe campaign dynamically adapts to victims: After deobfuscation, the phishing payload loads infrastructure designed to impersonate Microsoft 365 and other login portals while dynamically adapting to targeted users.According to the report, the malware can determine which authentication provider should be impersonated, preload victim email addresses into phishing pages, and customize branding elements such as company…
-
Critical Exim Mailer Flaw Enables Remote Code Execution Attacks
Tags: attack, cve, cyber, email, flaw, infrastructure, Internet, linux, mail, remote-code-execution, vulnerabilityA newly disclosed vulnerability in the widely used Exim mail transfer agent exposes thousands of internet-facing mail servers to unauthenticated remote code execution, threatening core email infrastructure across Linux and Unix-like systems. Tracked as CVE-2026-45185 and nicknamed “Dead.Letter,” the bug resides in Exim’s handling of TLS-encrypted SMTP traffic, and BDAT chunked message bodies when compiled…
-
Canon MailSuite Security Flaw Allows Attackers to Execute Code Remotely
Canon has disclosed a critical security vulnerability in its GUARDIANWALL MailSuite product that could allow attackers to execute arbitrary code remotely, raising serious concerns for organizations relying on the platform for email security. The issue, officially announced on May 13, 2026, affects GUARDIANWALL MailSuite versions 1.4.00 through 2.4.26. According to Canon, the flaw stems from…
-
New Exim BDAT GnuTLS Vulnerability Enables Code Execution Attacks
A critical, stealthy vulnerability is lurking deep within Exim, the software powering a massive share of the world’s email infrastructure. Sitting exposed on the internet’s front lines, these message transfer agents are highly lucrative targets for ruthless threat actors. This newly unmasked memory corruption flaw arms attackers with the terrifying ability to remotely execute malicious…
-
‘Trust your email again>> Seppmail auf der Infosecurity Europe 2026
Seppmail, einer der führenden Anbieter für sichere E-Mail-Kommunikation, nimmt in diesem Jahr vom 2. bis 4. Juni 2026 an der Infosecurity Europe in London teil. Am Gemeinschaftsstand mit der Bayerischen Wirtschaftskammer C45-5 zeigt das Unternehmen aktuelle Entwicklungen rund um den Schutz digitaler Kommunikation. Im Mittelpunkt des Messeauftritts steht das Leitthema ‘Trust your email again” […]…
-
Vidar Stealer Campaign Evades EDR to Steal Credentials
A new Vidar Stealer campaign is abusing trusted tools, multi”‘stage loaders, and heavy obfuscation to bypass EDR visibility and steal credentials from infected systems silently. This operation shows a clear shift toward “living”‘off”‘the”‘land” techniques and stealthy backdoor architectures that make traditional signature”‘based defenses almost useless. The campaign starts with spear”‘phishing emails that contain compressed archives,…
-
Vidar Stealer Campaign Evades EDR to Steal Credentials
A new Vidar Stealer campaign is abusing trusted tools, multi”‘stage loaders, and heavy obfuscation to bypass EDR visibility and steal credentials from infected systems silently. This operation shows a clear shift toward “living”‘off”‘the”‘land” techniques and stealthy backdoor architectures that make traditional signature”‘based defenses almost useless. The campaign starts with spear”‘phishing emails that contain compressed archives,…
-
Security Affairs newsletter Round 576 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Quasar Linux RAT (QLNX): A Fileless Linux Implant Built for Stealth and Persistence Braintrust security incident…
-
The scam economy has found its AI upgrade
Scam attempts continue to reach consumers via email, text messages, social media, online advertising, and phone calls. The volume of exposure has remained stable over the past … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/11/f-secure-ai-scam-risks-report/
-
Python Infostealer Hides in GitHub Releases to Bypass Detection
A stealthy Python-based infostealer campaign that abuses GitHub Releases to host payloads and maintain long-term, low”‘visibility access to victim systems. The operation, dubbed “Operation HumanitarianBait” in some reporting, appears designed for cyberespionage against Russian”‘speaking targets using humanitarian”‘themed lures and a PE”‘less Python architecture. The campaign starts with phishing emails that deliver a RAR archive containing…
-
Zara Data Breach Impacts Nearly 200,000 Customers
ShinyHunters gets away with emails and other data on 200,000 Zara customers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/zara-data-breach-impacts-200000/
-
13 new critical holes in JavaScript sandbox allow execution of arbitrary code
VM.run() can obtain host process object and runs host commands with zero co-operation from the host.However, researchers at Socket told us in an email that the advisory about this escape says it has been confirmed only on Node.js 25.6.1, and requires a Node.js version with WebAssembly exception handling and JSTag support.The highest-risk scenario, they said, would be an…
-
One Click, Total Shutdown: The “Patient Zero” Webinar on Killing Stealth Breaches
The hardest part of cybersecurity isn’t the technology, it’s the people.Every major breach you’ve read about lately usually starts the same way: one employee, one clever email, and one “Patient Zero” infection.In 2026, hackers are using AI to make these “first clicks” nearly impossible to spot. If a single laptop gets compromised on your watch,…
-
Scammers Use Hidden Text to Bypass AI Email Filters in Phishing Scams
Scammers are hiding invisible text inside phishing emails to manipulate AI-powered email filters and increase the chances of scams reaching inboxes. First seen on hackread.com Jump to article: hackread.com/scammers-text-bypass-ai-email-filters-phishing-scams/
-
Scammers Exploit Disposable VoIP Numbers to Bypass Reputation Blocking
New tactics used by threat actors who embed phone numbers in scam emails as a key indicator of compromise (IOC), revealing how attackers exploit VoIP infrastructure to evade detection and scale fraud operations. Telephone-oriented attack delivery (TOAD) remains a dominant phishing technique, in which victims are lured to call attacker-controlled numbers rather than clicking malicious…
-
A DOD contractor’s API flaw exposed military course data and service member records
Researchers say Schemata’s platform exposed names, emails, base assignments, and course materials before the company patched the issue and contacted government authorities. First seen on cyberscoop.com Jump to article: cyberscoop.com/schemata-dod-contractor-api-flaw-military-data-exposure/
-
Insights into the clustering and reuse of phone numbers in scam emails
Talos has recently started to collect and gather intelligence around phone numbers within emails as an additional indicator of compromise (IOC). In this blog, we discuss new insights into in-the-wild phone number reuse in scam emails. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/insights-into-the-clustering-and-reuse-of-phone-numbers-in-scam-emails/
-
Proton Mail brings quantum-safe email encryption to all accounts
Post-quantum protection is now available as an optional feature in Proton Mail across all plans, including the free tier. How post-quantum protection works Once enabled, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/06/proton-mail-post-quantum-protection-feature/
-
Salesforce Marketing Cloud Vulnerability Exposes Email Data Risk
Salesforce Marketing Cloud (SFMC) recently patched a cluster of high”‘impact vulnerabilities that could have allowed attackers to read and enumerate marketing emails and subscriber data across tenants, including Fortune 500 organizations. Modern enterprises rely on centralised marketing clouds to deliver branded, trackable campaigns at massive scale. SFMC (formerly ExactTarget) is one of the dominant platforms, powering dynamic…
-
Vimeo Confirms Breach Exposing 119,000 Unique User Email Addresses
Video hosting platform Vimeo has confirmed a data breach that exposed approximately 119,000 unique user email addresses, attributing the incident to a security compromise at Anodot, a third-party analytics vendor integrated with its systems. The breach came to light after the ShinyHunters extortion group listed Vimeo on its >>pay or leak<< portal in April 2026,…
-
Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts
Hackers abused Google AppSheet to send Meta phishing emails, compromising 30,000 Facebook business accounts across 50 countries. The post Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-appsheet-facebook-phishing-accountdumpling/
-
Researchers report Amazon SES abused in phishing to evade detection
Cybersecurity firm Kaspersky reports that the Amazon Simple Email Service (SES) is being increasingly abused to send convincing phishing emails that can bypass standard security filters and render reputation-based blocks ineffective. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/researchers-report-amazon-ses-abused-in-phishing-to-evade-detection/
-
Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts
Hackers abused Google AppSheet to send Meta phishing emails, compromising 30,000 Facebook business accounts across 50 countries. The post Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-appsheet-facebook-phishing-accountdumpling/
-
Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts
Hackers abused Google AppSheet to send Meta phishing emails, compromising 30,000 Facebook business accounts across 50 countries. The post Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-appsheet-facebook-phishing-accountdumpling/
-
Microsoft Flags Mass Phishing Campaign Using Fake Compliance Emails
Microsoft researchers warn of a large-scale phishing campaign using fake compliance emails to steal credentials, targeting 35,000 users across 13,000 organizations worldwide First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-phishing-fake-compliance/
-
LuxSci Launches Enterprise-Grade HIPAA-Compliant Email Security for Mid-Sized Healthcare Organizations
Cambridge, MA, May 5th, 2026, CyberNewswire New right-sized offering brings advanced encryption, easy API integration, and HITRUST-certified compliance to the most underserved segment in healthcare email, with pricing starting at $99/month LuxSci, a leading provider of HIPAA compliant secure healthcare communications, today announced the launch of LuxSci Secure High Volume Email for mid-sized healthcare […]…