Tag: email
-
Major US law firm says hackers broke into attorneys’ emails accounts
While the firm did not specify which nation-state it believes the hacker is affiliated with, The New York Times reported that sources have said it is China. First seen on therecord.media Jump to article: therecord.media/us-law-firm-hackers-breached-email
-
Salesforce Refuses to Pay Ransom to Data-Stealing Hackers
Salesforce is refusing a demand by the hackers behind that widespread data-stealing attacks on its customers, which threatened to release massive amounts of the data unless the SaaS vendor negotiated a ransom payment. In an email, Salesforce reportedly told customers about its refusal to pay and offered them its support. First seen on securityboulevard.com Jump…
-
Salesforce Refuses to Pay Ransom to Data-Stealing Hackers
Salesforce is refusing a demand by the hackers behind that widespread data-stealing attacks on its customers, which threatened to release massive amounts of the data unless the SaaS vendor negotiated a ransom payment. In an email, Salesforce reportedly told customers about its refusal to pay and offered them its support. First seen on securityboulevard.com Jump…
-
Salesforce Refuses to Pay Ransom to Data-Stealing Hackers
Salesforce is refusing a demand by the hackers behind that widespread data-stealing attacks on its customers, which threatened to release massive amounts of the data unless the SaaS vendor negotiated a ransom payment. In an email, Salesforce reportedly told customers about its refusal to pay and offered them its support. First seen on securityboulevard.com Jump…
-
Western Sydney University Targeted in Widespread Email Scam Causing Student Distress
Western Sydney University has recently fallen victim to a scam involving fraudulent emails sent to current students and alumni. These emails falsely claimed that recipients’ degrees had been revoked and that they were permanently excluded from continuing their studies at the university. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/western-sydney-university-email-scam/
-
Hackers Exploit CSS Properties to Conceal Malicious Code in Hidden Text Salting Attacks
In a sophisticated evolution of email-based attacks, adversaries have begun leveraging Cascading Style Sheets (CSS) to inject hidden “salt”, irrelevant content used to confuse detection systems, deep within HTML emails. Cisco Talos’s year-long monitoring (March 1, 2024 July 31, 2025) reveals a marked increase in the abuse of CSS properties to conceal […] The post…
-
Hackers Exploit CSS Properties to Conceal Malicious Code in Hidden Text Salting Attacks
In a sophisticated evolution of email-based attacks, adversaries have begun leveraging Cascading Style Sheets (CSS) to inject hidden “salt”, irrelevant content used to confuse detection systems, deep within HTML emails. Cisco Talos’s year-long monitoring (March 1, 2024 July 31, 2025) reveals a marked increase in the abuse of CSS properties to conceal […] The post…
-
Qantas among nearly 40 companies facing ransom demand from hacker group
Hacker collective Scattered Lapsus$ Hunters reportedly threatening to leak stolen personal data from dozens of firms in major extortion attempt<ul><li><a href=”https://www.theguardian.com/australia-news/live/2025/oct/08/australia-politics-live-gaza-rally-parliament-anthony-albanese-sussan-ley-question-time-andrew-hastie-ntwnfb”>Follow our Australia news live blog for latest updates</li><li>Get our <a href=”https://www.theguardian.com/email-newsletters?CMP=cvau_sfl”>breaking news email, <a href=”https://app.adjust.com/w4u7jx3″>free app or <a href=”https://www.theguardian.com/australia-news/series/full-story?CMP=cvau_sfl”>daily news podcast</li></ul>Qantas is one of almost 40 global companies that have until Friday to begin…
-
Kaseya Buys Inky to Expand Email Threat Detection for MSPs
Email Security Acquisition Aims to Bring Cross-Platform Data to Phishing Defense. Kaseya’s acquisition of Inky reflects the need for broader platform integration in email security. With phishing attacks becoming more subtle, founder and CEO Dave Baggett says access to login data and other platform signals is critical for threat detection. First seen on govinfosecurity.com Jump…
-
Attackers Season Spam With a Touch of ‘Salt’
Researchers report an increase in the use of hidden content in spam and malicious email to confuse filters and other security mechanisms. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/attackers-season-spam-touch-salt
-
Kaseya Acquires Email Security Trailblazer Inky, Boosts AI-Powered Protection
Kaseya announced Tuesday it has acquired trailblazing email security vendor Inky, as the company looks to drive an expansion of its AI-powered capabilities to enable proactive cyber defense. First seen on crn.com Jump to article: www.crn.com/news/security/2025/kaseya-acquires-email-security-trailblazer-inky-boosts-ai-powered-protection
-
Kaseya Acquires Email Security Trailblazer Inky, Boosts AI-Powered Protection
Kaseya announced Tuesday it has acquired trailblazing email security vendor Inky, as the company looks to drive an expansion of its AI-powered capabilities to enable proactive cyber defense. First seen on crn.com Jump to article: www.crn.com/news/security/2025/kaseya-acquires-email-security-trailblazer-inky-boosts-ai-powered-protection
-
Discord says sensitive info stolen during cyberattack on customer service provider
The data stolen mostly includes names, Discord usernames, emails, IP addresses and messages that were exchanged with customer service agents. First seen on therecord.media Jump to article: therecord.media/discord-data-breach-third-party
-
Too salty to handle: Exposing cases of CSS abuse for hidden text salting
A simple yet effective tactic, known as hidden text salting, is increasingly used by cybercriminals over the past few months to evade even the most advanced email security solutions, including those powered by machine learning and large language models. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/too-salty-to-handle-exposing-cases-of-css-abuse-for-hidden-text-salting/
-
Too salty to handle: Exposing cases of CSS abuse for hidden text salting
A simple yet effective tactic, known as hidden text salting, is increasingly used by cybercriminals over the past few months to evade even the most advanced email security solutions, including those powered by machine learning and large language models. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/too-salty-to-handle-exposing-cases-of-css-abuse-for-hidden-text-salting/
-
Too salty to handle: Exposing cases of CSS abuse for hidden text salting
A simple yet effective tactic, known as hidden text salting, is increasingly used by cybercriminals over the past few months to evade even the most advanced email security solutions, including those powered by machine learning and large language models. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/too-salty-to-handle-exposing-cases-of-css-abuse-for-hidden-text-salting/
-
Cl0p Ransomware Actively Exploiting Oracle E-Business Suite 0-Day
Tags: advisory, attack, business, cve, cyber, data-breach, email, exploit, extortion, group, oracle, ransomware, threat, vulnerability, zero-dayThe notorious Cl0p ransomware group has beenactively exploiting a critical zero-day vulnerabilityin Oracle’s E-Business Suite (EBS), targeting enterprise customers through CVE-2025-61882. This sophisticated attack campaign has prompted Oracle to issue an emergency security advisory after reports surfaced that multiple organizations received extortion emails from the threat actors. Critical Zero-Day Vulnerability Exposed Oracle confirmed the exploitation…
-
Cl0p Ransomware Actively Exploiting Oracle E-Business Suite 0-Day
Tags: advisory, attack, business, cve, cyber, data-breach, email, exploit, extortion, group, oracle, ransomware, threat, vulnerability, zero-dayThe notorious Cl0p ransomware group has beenactively exploiting a critical zero-day vulnerabilityin Oracle’s E-Business Suite (EBS), targeting enterprise customers through CVE-2025-61882. This sophisticated attack campaign has prompted Oracle to issue an emergency security advisory after reports surfaced that multiple organizations received extortion emails from the threat actors. Critical Zero-Day Vulnerability Exposed Oracle confirmed the exploitation…
-
EyeMed Agrees to Pay $5M to Settle Email Breach Litigation
2020 Hack Has Cost EyeMed About $12.6M in Multiple Regulatory Fines, Settlements. Benefits provider EyeMed Vision Care has agreed to pay $5 million and improve its security practices to settle class action litigation involving a 2020 phishing breach. The incident has been the subject of previous multimillion dollar settlements and enforcement actions by multiple state…
-
Cl0p Ransomware Group Exploited in a Zero-Day in Oracle EBS Attacks
The Cl0p ransomware group exploited a zero-day security flaw in Oracle’s E-Business Suite to compromise corporate networks and steal data, according to Mandiant. The threat actors are sending emails to executives of those companies demanding payment or risk the data being sold on underground markets or made public. First seen on securityboulevard.com Jump to article:…
-
Discord discloses third-party breach affecting customer support data
Discord reported a data breach at a third-party customer service provider that exposed user data, including contact details, IPs, and billing info. Discord disclosed a breach at a third-party customer support provider that exposed data of users who contacted its Support or Trust & Safety teams. The stolen info includes names, usernames, emails, contact and…
-
Most People Can’t Tell AI Phishing Emails from the Real Thing
AI-crafted phishing emails are fooling every generation. Learn why no one’s immune”, and how to build stronger defenses. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/ai-phishing-scams-outsmarting-everyone/
-
Extortion campaign targeting Oracle E-Business Suite customers linked to zero-day
Mandiant researchers said Clop ransomware is indeed linked to a series of emails threatening to release stolen data.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/extortion-campaign-oracle-e-business-suite-zero-day/802123/
-
Proxmox Mail Gateway: Open-source email security solution reaches version 9.0
First released in 2005, the open-source Proxmox Mail Gateway has become a widely adopted mail proxy, positioned between the firewall and the internal mail server to stop … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/06/proxmox-mail-gateway-open-source-email-security-solution/
-
Proxmox Mail Gateway: Open-source email security solution reaches version 9.0
First released in 2005, the open-source Proxmox Mail Gateway has become a widely adopted mail proxy, positioned between the firewall and the internal mail server to stop … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/06/proxmox-mail-gateway-open-source-email-security-solution/
-
CVE-2025-61882: Frequently Asked Questions About Oracle E-Business Suite (EBS) Zero-Day and Associated Vulnerabilities
Tags: advisory, attack, breach, business, cve, cyber, data, email, exploit, extortion, finance, flaw, group, intelligence, mitigation, mobile, oracle, ransomware, remote-code-execution, software, threat, update, vulnerability, zero-dayFollowing reports the Cl0p ransomware group has been extorting Oracle E-Business Suite customers, Oracle released an advisory for a zero-day that was exploited in the wild. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding a newly disclosed Oracle zero-day vulnerability that was exploited in the…
-
CVE-2025-61882: Frequently Asked Questions About Oracle E-Business Suite (EBS) Zero-Day and Associated Vulnerabilities
Tags: advisory, attack, breach, business, cve, cyber, data, email, exploit, extortion, finance, flaw, group, intelligence, mitigation, mobile, oracle, ransomware, remote-code-execution, software, threat, update, vulnerability, zero-dayFollowing reports the Cl0p ransomware group has been extorting Oracle E-Business Suite customers, Oracle released an advisory for a zero-day that was exploited in the wild. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding a newly disclosed Oracle zero-day vulnerability that was exploited in the…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 65
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Smash and Grab: Aggressive Akira Campaign Targets SonicWall VPNs, Deploys Ransomware in an Hour or Less First Malicious MCP in the Wild: The Postmark Backdoor That’s Stealing Your Emails EvilAI Operators Use AI-Generated Code…