Tag: email

AI Drives Doubling of Phishing Attacks in a Year

Feb 4, 2026 4:13 PM

Tags: ai, attack, email, phishing

Cofense claims AI is making phishing emails more personalized and sophisticated First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-double-volume-phishing-attacks/
Russian hackers exploited a critical Office bug within days of disclosure

Feb 4, 2026 2:13 PM

Tags: access, attack, cisa, cloud, control, cve, data, data-breach, detection, email, espionage, exploit, flaw, framework, github, group, hacker, infection, intelligence, kev, malicious, malware, microsoft, mitigation, office, risk, russia, update, vulnerability, windows

One campaign, two infection paths: ZScaler found that exploitation of CVE-2026-21509 did not lead to a single uniform payload. Instead, the initial RTF-based exploit branched into two distinct infection paths, each serving a different operational purpose. The choice of dropper reportedly determined whether the attackers prioritized near-term intelligence collection or longer-term access to compromised systems.In…
From Clawdbot to Moltbot to OpenClaw: Security Experts Detail Critical Vulnerabilities and 6 Immediate Hardening Steps for the Viral AI Agent

Feb 4, 2026 6:13 AM

Tags: access, ai, api, attack, authentication, computer, container, control, crypto, cve, data, data-breach, detection, docker, email, flaw, github, group, Hardware, injection, Internet, leak, login, malicious, malware, open-source, password, privacy, remote-code-execution, risk, scam, skills, software, threat, tool, unauthorized, vulnerability

Moltbot, the viral AI agent, offers immense power but is riddled with critical vulnerabilities, including remote code execution (RCE), exposed control interfaces, and malicious extensions. Read on to understand the vulnerabilities associated with Moltbot and the immediate security practices users must prioritize to mitigate this enormous agentic AI security risk. Key takeaways Moltbot takes an…
Full Spectrum AI Security: FireTail’s Platform Update for the AI-Enabled Workforce FireTail Blog

Feb 4, 2026 1:13 AM

Tags: access, ai, api, browser, chatgpt, chrome, ciso, cloud, control, corporate, data, email, governance, grc, group, jobs, LLM, monitoring, risk, service, skills, technology, tool, unauthorized, update, vulnerability

Feb 03, 2026 – Jeremy Snyder – The rise of generative AI has changed how businesses operate. In almost every company, leaders are looking for ways to use AI to work faster and smarter. However, this shift has created a major challenge for security teams. Most of the AI activity inside an organization is currently…
Fake Dropbox Phishing Campaign Targets Users, Steals Login Credentials

Feb 3, 2026 11:14 PM

Tags: attack, credentials, cyber, email, exploit, login, malicious, phishing

A sophisticated phishing campaign that uses a multi-stage approach to bypass email filtering and content-scanning systems. The attack exploits trusted platforms, benign file formats, and layered redirection techniques to harvest user credentials from unsuspecting victims successfully. The attack chain begins with a professionally crafted phishing email containing a PDF attachment. The malicious payload leverages legitimate…
Fake Compliance Emails Weaponize Word and PDF Attachments to Steal Sensitive Data

Feb 3, 2026 11:14 PM

Tags: business, compliance, cyber, data, email, macOS, malicious, phishing

A newly observed phishing campaign is abusing fake “audit/compliance confirmation” emails to target macOS users and steal highly sensitive data. The campaign uses convincing business-themed lures and malicious attachments that masquerade as Word or PDF files to trick employees into executing an AppleScript-based payload. Attackers begin by sending emails asking recipients to “confirm the company’s…
Fake Party Invites Lure Victims Into Installing Malicious Remote Access Tools

Feb 3, 2026 11:14 PM

Tags: access, attack, cyber, email, malicious, social-engineering, tool, windows

A sophisticated social engineering campaign targeting Windows users across the UK, using fake event invitations to silently install ScreenConnect a legitimate remote access tool that attackers have weaponized to gain complete system control. The attack chain begins with deceptive simplicity: victims receive emails that look like personal invitations from friends or colleagues. These messages are…
Op Neusploit: Russian APT28 Uses Microsoft Office Flaw in Malware Attacks

Feb 3, 2026 8:13 PM

Tags: attack, control, email, exploit, flaw, group, malware, microsoft, office, russia, ukraine

A new campaign by the Russian-linked group APT28, called Op Neusploit, exploits a Microsoft Office flaw to steal emails for remote control of devices in Ukraine, Slovakia, and Romania. First seen on hackread.com Jump to article: hackread.com/op-neusploit-russia-apt28-microsoft-office-malware/
Notepad++ infrastructure hijacked by Chinese APT in sophisticated supply chain attack

Feb 3, 2026 1:13 PM

Tags: access, ai, apt, attack, backdoor, china, control, cybersecurity, detection, edr, email, espionage, exploit, framework, government, group, incident response, infrastructure, malicious, malware, microsoft, network, software, supply-chain, tool, update

Rapid7 identifies custom malware: Cybersecurity firm Rapid7 also published a detailed technical analysis corroborating Ho’s disclosure and identifying the attack as part of a broader campaign deploying previously undocumented malware. Rapid7’s investigation uncovered a custom backdoor the firm dubbed “Chrysalis,” alongside Cobalt Strike and Metasploit frameworks.”Forensic analysis conducted by the MDR team suggests that the…
Chollima APT Hackers Weaponize LNK Files to Deploy Sophisticated Malware

Feb 3, 2026 11:13 AM

Tags: apt, attack, cyber, email, group, hacker, korea, malware, north-korea, phishing, spear-phishing, threat

In March 2025, the Ricochet Chollima APT group, widely recognized as APT37 and linked to North Korean state-sponsored operations, launched a targeted spear-phishing campaign against activists focused on North Korean affairs. The threat actors initiated the attack chain via spear-phishing emails impersonating a North Korea-focused security expert based in South Korea. The emails referenced legitimate…
APT28 Leverages CVE-2026-21509 in Operation Neusploit

Feb 3, 2026 8:13 AM

Tags: access, api, attack, backdoor, cloud, communications, control, cve, data, detection, email, encryption, endpoint, exploit, github, group, infection, malicious, malware, microsoft, office, open-source, phishing, russia, service, startup, threat, tool, ukraine, update, vulnerability, windows

IntroductionIn January 2026, Zscaler ThreatLabz identified a new campaign in-the-wild, tracked as Operation Neusploit, targeting countries in the Central and Eastern European region. In this campaign, the threat actor leveraged specially crafted Microsoft RTF files to exploit CVE-2026-21509 and deliver malicious backdoors in a multi-stage infection chain. Due to significant overlaps in tools, techniques, and procedures (TTPs)…
New phishing attack leverages PDFs and Dropbox

Feb 3, 2026 5:13 AM

Tags: access, attack, authentication, awareness, business, cloud, control, detection, email, hacker, infrastructure, login, mail, mfa, phishing, service, threat, tool, training, zero-trust

Masquerading as a safe document format: But after so many warnings about this over time, why are people still so trusting of PDFs and Dropbox?”Because, historically, they’ve actually been trained to be,” said Avakian. PDFs are routinely used in the business world and have been positioned as a safe, read-only document format for invoices, contracts,…
Over 21,000 OpenClaw AI Instances Leak Personal Configuration Data

Feb 2, 2026 11:14 PM

Tags: ai, cyber, data, email, leak, open-source, service

The open-source AI assistant OpenClaw experienced explosive growth, expanding from approximately 1,000 active instances to over 21,000 in just seven days. Created by Austrian developer Peter Steinberger, the personal AI assistant integrates with email, calendars, smart-home systems, and food-delivery services, enabling it to perform actions far beyond those of traditional chatbots. The project’s rapid evolution…
Phishing Scam Uses Clean Emails and PDFs to Steal Dropbox Logins

Feb 2, 2026 9:14 PM

Tags: business, cloud, email, exploit, login, phishing, scam

A multi-stage phishing campaign is targeting business users by exploiting Vercel cloud storage, PDF attachments, and Telegram bots to steal Dropbox credentials. First seen on hackread.com Jump to article: hackread.com/phishing-scam-emails-pdfs-steal-dropbox-logins/
Security Affairs newsletter Round 561 by Pierluigi Paganini INTERNATIONAL EDITION

Feb 2, 2026 12:13 PM

Tags: communications, cyberattack, email, hacker, international, WeeklyReview

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. DOJ releases details alleged talented hacker working for Jeffrey Epstein Cyberattacks Disrupt Communications at Wind, Solar,…
Researchers Uncover Moltbook AI Flaw Exposing API Keys and Login Credentials

Feb 2, 2026 11:13 AM

Tags: ai, api, credentials, cyber, email, flaw, login, network, vulnerability

A critical vulnerability in Moltbook, the AI agent social network launched in late January 2026 by Octane AI’s Matt Schlicht, exposes email addresses, login tokens, and API keys for registered entities. The flaw impacts the platform’s claimed 1.5 million users, though security researchers revealed the inflated user count stems from unchecked bot registrations rather than…
StrongestLayer: Top ‘Trusted’ Platforms are Key Attack Surfaces

Feb 2, 2026 9:13 AM

Tags: attack, cyber, email, exploit, google, intelligence, threat

Explore StrongestLayer’s threat intelligence report highlighting the rise of email security threats exploiting trusted platforms like DocuSign and Google Calendar. Learn how organizations can adapt to defend against these evolving cyber risks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/strongestlayer-top-trusted-platforms-are-key-attack-surfaces/
When responsible disclosure becomes unpaid labor

Feb 2, 2026 9:13 AM

Tags: ai, bug-bounty, ciso, cloud, compliance, control, credentials, cve, cvss, cybersecurity, data, email, exploit, finance, flaw, governance, healthcare, incident response, infrastructure, jobs, open-source, ransom, risk, security-incident, service, software, threat, tool, update, vulnerability, warfare

supposed to function and how it increasingly does in practice. Enter the gray zone of ethical disclosure: The result is a growing gray zone between ethical research and adversarial pressure. Based on years of reporting on disclosure disputes, that gray zone tends to emerge through a small set of recurring failure modes.Silent treatment and severity…
AI Compliance Tools: What to Look For FireTail Blog

Jan 30, 2026 8:42 PM

Tags: ai, antivirus, api, attack, automation, backdoor, business, cloud, compliance, control, credit-card, data, defense, email, finance, framework, GDPR, governance, grc, guide, identity, injection, intelligence, jobs, LLM, login, malicious, mitre, network, nist, okta, remote-code-execution, risk, risk-management, siem, software, threat, tool, training, unauthorized, vulnerability

Jan 30, 2026 – Alan Fagan – Quick Facts: AI Compliance ToolsManual tracking often falls short: Spreadsheets cannot track the millions of API calls and prompts generated by modern AI systems.Real-time is required: The best AI compliance tools monitor live traffic, not just static policy documents.Framework mapping matters: Firetail automatically maps activity to the OWASP…
SoundCloud Data Breach Exposes Nearly 30M User Accounts

Jan 30, 2026 6:21 PM

Tags: breach, data, data-breach, email, phishing

A SoundCloud breach affecting 29.8 million accounts exposed email addresses and profile data, increasing phishing risks. The post SoundCloud Data Breach Exposes Nearly 30M User Accounts appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-soundcloud-breach-exposes-nearly-30-million-users/
MCP security: How to prevent prompt injection and tool poisoning attacks

Jan 30, 2026 4:22 PM

Tags: access, ai, api, attack, authentication, automation, best-practice, business, ceo, communications, control, credentials, data, defense, detection, email, endpoint, exploit, framework, github, governance, guide, incident response, infrastructure, injection, least-privilege, LLM, malicious, monitoring, network, radius, risk, service, siem, software, sql, supply-chain, threat, tool, unauthorized, vulnerability

The Model Context Protocol (MCP) has quickly become the open protocol that enables AI agents to connect securely to external tools, databases, and business systems. But this convenience comes with security risks. MCP servers store sensitive credentials, handle business logic, and connect to APIs. This makes them prime targets for attackers who have learned to…
Microsoft fixes Outlook bug blocking access to encrypted emails

Jan 30, 2026 4:22 PM

Tags: access, email, microsoft

Microsoft has fixed a known issue that prevented Microsoft 365 customers from opening encrypted emails in classic Outlook after a recent update. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-outlook-bug-blocking-access-to-encrypted-emails/
Attackers Weaponize Microsoft 365 Outlook Add-ins to Quietly Exfiltrate Email Data

Jan 30, 2026 4:22 PM

Tags: access, cyber, data, email, microsoft, monitoring, theft

A stealthy data theft technique in Microsoft 365 that abuses Outlook add-ins to exfiltrate email content without leaving meaningful forensic traces. The technique, dubbed “Exfil Out&Look,” takes advantage of how Outlook Web Access (OWA) handles add-ins and audit logging, creating a blind spot that traditional Microsoft 365 monitoring cannot see. Outlook add-ins are small web-based…
Is it safe to open spam emails? Enterprise risks

Jan 30, 2026 2:23 PM

Tags: credentials, email, risk, spam

Is it safe to open spam emails? Usually, yes. Risk escalates with links, attachments, and credential prompts – then containing outbound abuse quickly matters. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/is-it-safe-to-open-spam-emails-enterprise-risks/
SmarterTools patches critical SmarterMail flaw allowing code execution

Jan 30, 2026 2:23 PM

Tags: cve, email, flaw, malicious, software, vulnerability

SmarterTools fixed two SmarterMail flaws, including a critical bug (CVE-2026-24423) that could allow arbitrary code execution. SmarterTools fixed two security bugs in its SmarterMail email software, including a critical vulnerability, tracked as CVE-2026-24423 (CVSS score of 9.3) that could let attackers run malicious code on affected systems. >>SmarterTools SmarterMail versions prior to build 9511 contain…
Human risk management: CISOs’ solution to the security awareness training paradox

Jan 30, 2026 9:21 AM

Tags: access, ai, awareness, ciso, compliance, cyber, cybersecurity, data, email, identity, intelligence, malicious, mitigation, risk, risk-management, strategy, tool, training

What is human risk management?: HRM is defined as a cybersecurity strategy that identifies, measures, and reduces the risks caused by human behavior. Simply stated, security awareness training is about what employees know; HRM is about what they do (i.e., their actual cybersecurity behavior).To be more specific, HRM integrates into email security tools, web gateways,…
Human risk management: CISOs’ solution to the security awareness training paradox

Jan 30, 2026 9:21 AM

Tags: access, ai, awareness, ciso, compliance, cyber, cybersecurity, data, email, identity, intelligence, malicious, mitigation, risk, risk-management, strategy, tool, training

What is human risk management?: HRM is defined as a cybersecurity strategy that identifies, measures, and reduces the risks caused by human behavior. Simply stated, security awareness training is about what employees know; HRM is about what they do (i.e., their actual cybersecurity behavior).To be more specific, HRM integrates into email security tools, web gateways,…
SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score

Jan 30, 2026 9:21 AM

Tags: api, cve, cvss, email, flaw, rce, remote-code-execution, software, vulnerability

SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary code execution.The vulnerability, tracked as CVE-2026-24423, carries a CVSS score of 9.3 out of 10.0.”SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API First seen…
Identitäten im Fokus von Cyberkriminellen

Jan 29, 2026 4:26 PM

Tags: access, business, cloud, cyberattack, email, incident response, mail, password, phishing, ransomware, service, social-engineering, software, vulnerability

Cyberkriminelle haben es inzwischen vermehrt auf digitale Identitäten abgesehen.Der State of Incident Response Report 2026 von Eye Security zeigt: Cyberangriffe auf Unternehmen erfolgen zunehmend unbemerkt und die Schäden entstehen innerhalb von Minuten. Demnach setzen die Angreifer inzwischen weniger darauf, Systeme zu hacken, sondern bestehende Zugänge ausnutzen.Identitätsbasierte Angriffe dominieren das Feld, wobei 97 Prozent dieser Vorfälle…
Real-Time Blackhole List How to Remove an IP From It?

Jan 29, 2026 1:23 PM

Tags: email

Originally published at Real-Time Blackhole List How to Remove an IP From It? by EasyDMARC. When emails start bouncing and people tell you … First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/real-time-blackhole-list-how-to-remove-an-ip-from-it-2/