Tag: email
-
Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing
Threat actors engaging in phishing attacks are exploiting routing scenarios and misconfigured spoof protections to impersonate organizations’ domains and distribute emails that appear as if they have been sent internally.”Threat actors have leveraged this vector to deliver a wide variety of phishing messages related to various phishing-as-a-service (PhaaS) platforms such as Tycoon 2FA,” the First…
-
Fake Booking.com lures and BSoD scams spread DCRat in European hospitality sector
PHALT#BLYX targets European hotels with fake Booking emails and BSoD lures, tricking staff into installing the DCRat remote access trojan. Researchers uncovered a late-December 2025 campaign, dubbed PHALT#BLYX, targeting European hotels with fake Booking-themed emails. Victims are redirected to bogus BSoD pages using ClickFix-style lures that prompt them to apply “fixes.” The multi-stage attack ultimately…
-
Hackers Exploit Routing Misconfigurations to Successfully Spoof Organizations
Cybercriminals are exploiting complex routing scenarios and misconfigured email authentication protections to successfully spoof organizational domains, enabling them to deliver phishing emails that appear to originate from within targeted companies. The attack vector, which has seen increased activity since May 2025, leverages weaknesses in Domain-based Message Authentication, Reporting, and Conformance (DMARC) configurations and third-party email…
-
Microsoft cancels plans to rate limit Exchange Online bulk emails
Microsoft announced today that it has canceled plans to impose a daily limit of 2,000 external recipients on Exchange Online bulk email senders. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-cancels-plans-to-rate-limit-exchange-online-bulk-emails/
-
Microsoft cancels plans to rate limit Exchange Online bulk emails
Microsoft announced today that it has canceled plans to impose a daily limit of 2,000 external recipients on Exchange Online bulk email senders. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-cancels-plans-to-rate-limit-exchange-online-bulk-emails/
-
NDSS 2025 Exploiting the Complexity Of Modern CSS For Email And Browser Fingerprinting
Session 8A: Email Security Authors, Creators & Presenters: Leon Trampert (CISPA Helmholtz Center for Information Security), Daniel Weber (CISPA Helmholtz Center for Information Security), Lukas Gerlach (CISPA Helmholtz Center for Information Security), Christian Rossow (CISPA Helmholtz Center for Information Security), Michael Schwarz (CISPA Helmholtz Center for Information Security) PAPER Cascading Spy Sheets: Exploiting the Complexity…
-
NDSS 2025 HADES Attack: Understanding And Evaluating Manipulation Risks Of Email Blocklists
Tags: attack, conference, dns, email, exploit, infrastructure, Internet, malicious, mitigation, network, risk, service, spam, technologySession 8A: Email Security Authors, Creators & Presenters: Ruixuan Li (Tsinghua University), Chaoyi Lu (Tsinghua University), Baojun Liu (Tsinghua University;Zhongguancun Laboratory), Yunyi Zhang (Tsinghua University), Geng Hong (Fudan University), Haixin Duan (Tsinghua University;Zhongguancun Laboratory), Yanzhong Lin (Coremail Technology Co. Ltd), Qingfeng Pan (Coremail Technology Co. Ltd), Min Yang (Fudan University), Jun Shao (Zhejiang Gongshang University)…
-
WordPress Admins Targeted by Renewal Email Phishing Scam
A phishing campaign targeting WordPress admins uses fake renewal emails to steal credit card data and 2FA codes in real time. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/wordpress-admins-targeted-by-renewal-email-phishing-scam/
-
Threat Actors Exploit Commodity Loader in Targeted Email Campaigns Against Organizations
Cyble Research and Intelligence Labs (CRIL) has identified a sophisticated, multi-stage attack campaign deploying a shared commodity loader across multiple threat actor groups. The operation demonstrates advanced operational security and represents a significant threat to manufacturing and government organizations in Italy, Finland, and Saudi Arabia. The campaign combines precision targeting with cutting-edge evasion techniques, utilizing…
-
Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat
Source: SecuronixCybersecurity researchers have disclosed details of a new campaign dubbed PHALT#BLYX that has leveraged ClickFix-style lures to display fixes for fake blue screen of death (BSoD) errors in attacks targeting the European hospitality sector.The end goal of the multi-stage campaign is to deliver a remote access trojan known as DCRat, according to cybersecurity company…
-
Students bag extended Christmas break after cyber hit on school IT
Phones, email, and core systems knocked out at Higham Lane in Nuneaton First seen on theregister.com Jump to article: www.theregister.com/2026/01/06/nuneaton_school_cyberattack/
-
What security teams miss in email attacks
Email remains the most common entry point for attackers. This article examines how phishing, impersonation, and account takeover continue to drive email breaches and expose … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/06/rising-email-breach-risks/
-
Trusted Google Notifications Used in Phishing Campaign Targeting 3,000+ Orgs
Researchers warn that attackers are abusing Google notifications and cloud services to deliver phishing emails that bypass traditional email security controls. The post Trusted Google Notifications Used in Phishing Campaign Targeting 3,000+ Orgs appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-notifications-phishing-campaign-email-security/
-
Google Tasks Used to Deliver Stealth Phishing Attacks
Attackers are abusing Google Tasks notifications to deliver trusted-domain phishing emails that bypass traditional email security controls. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/google-tasks-used-to-deliver-stealth-phishing-attacks/
-
How the Organizational Risk Culture Standard can supercharge your cybersecurity culture
Tags: automation, ceo, communications, compliance, control, cyber, cybersecurity, data, detection, email, finance, framework, group, guide, intelligence, law, metric, nist, phishing, ransomware, RedTeam, resilience, risk, tool, updateThe 10 dimensions, translated for cybersecurity: The ORCS framework defines ten dimensions. Treat them as a system. Each one is distinct; together they are complete. Leadership & governance. Leaders set the tone, model the behavior and anchor accountability. If leaders treat cyber as only an IT issue, everyone else will, too. When leaders make risk-informed…
-
How OSINT + Breach Data Connects the Dots in Attribution Investigations
Attribution isn’t about one clue, it’s about connecting many Attribution investigations almost never hinge on a single “gotcha” artifact. Most of the work happens in the messy middle: weak signals, partial identifiers, reused aliases, and contradictory breadcrumbs across environments. Security teams might have a suspicious email address, a dark web mention, a forum username,… First…
-
Security Affairs newsletter Round 557 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. French authorities investigate AI ‘undressing’ deepfakes on X Thousands of ColdFusion exploit attempts spotted during Christmas…
-
Google Tasks Feature Exploited in New Sophisticated Phishing Campaign
Over 3,000 organisations, predominantly in manufacturing, fell victim to a sophisticated phishing campaign in December 2025 that leveraged Google’s own application infrastructure to bypass enterprise email security controls. Attackers sent deceptive messages from noreply-application-integration@google.com, marking a critical shift in how threat actors exploit trusted platforms. Unlike traditional phishing attempts that rely on domain spoofing or compromised…
-
Phishing campaign abuses Google Cloud Application to impersonate legitimate Google emails
Researchers uncovered a phishing campaign abusing Google Cloud Application Integration to send emails posing as legitimate Google messages. Check Point researchers have revealed a phishing campaign that abuses Google Cloud Application Integration to send emails impersonating legitimate Google messages. The attack uses layered redirection with trusted cloud services, user validation checks, and brand impersonation to…
-
Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign
Cybersecurity researchers have disclosed details of a phishing campaign that involves the attackers impersonating legitimate Google-generated messages by abusing Google Cloud’s Application Integration service to distribute emails.The activity, Check Point said, takes advantage of the trust associated with Google Cloud infrastructure to send the messages from a legitimate email address (“ First seen on thehackernews.com…
-
Email-first cybersecurity predictions for 2026
Explore key cybersecurity predictions for 2026, from AI-powered phishing to DMARC enforcement, BIMI adoption, SPF and DKIM limits, Zero Trust, and automation. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/email-first-cybersecurity-predictions-for-2026/
-
Singapore CSA Warns of Critical SmarterMail Flaw Enabling Unauthenticated Remote Code Execution
The Cyber Security Agency of Singapore (CSA) has issued a high-priority alert warning organizations and system administrators about a critical security vulnerability affecting SmarterMail, an enterprise email and collaboration platform developed by SmarterTools. The flaw, tracked as CVE-2025-52691, carries the highest possible severity rating and could allow attackers to execute arbitrary code remotely without authentication. First seen on…
-
Fraudulent email domain tracker: December 2025
Every month, we publish a snapshot of the email domains most actively used in fake account creation and related abuse across the websites and apps protected by Castle. The goal is to give fraud and security teams better visibility into the attacker-controlled email infrastructure that rarely appears in public blocklists First seen on securityboulevard.com Jump…
-
CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution
The Cyber Security Agency of Singapore (CSA) has issued a bulletin warning of a maximum-severity security flaw in SmarterTools SmarterMail email software that could be exploited to achieve remote code execution.The vulnerability, tracked as CVE-2025-52691, carries a CVSS score of 10.0. It relates to a case of arbitrary file upload that could enable code execution…
-
CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution
The Cyber Security Agency of Singapore (CSA) has issued a bulletin warning of a maximum-severity security flaw in SmarterTools SmarterMail email software that could be exploited to achieve remote code execution.The vulnerability, tracked as CVE-2025-52691, carries a CVSS score of 10.0. It relates to a case of arbitrary file upload that could enable code execution…
-
Top 5 real-world AI security threats revealed in 2025
Tags: access, ai, api, attack, breach, chatgpt, cloud, control, credentials, cybercrime, data, data-breach, defense, email, exploit, flaw, framework, github, gitlab, google, injection, least-privilege, LLM, malicious, malware, microsoft, nvidia, open-source, openai, rce, remote-code-execution, risk, service, software, supply-chain, theft, threat, tool, vulnerabilityA critical remote code execution (RCE) in open-source AI agent framework Langflow that was also exploited in the wildAn RCE flaw in OpenAI’s Codex CLIVulnerabilities in NVIDIA Triton Inference ServerRCE vulnerabilities in major AI inference server frameworks, including those from Meta, Nvidia, Microsoft, and open-source projects such as vLLM and SGLangVulnerabilities in open-source compute framework…