Security News

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383)
2024-10-22 09:21

Attackers have exploited an XSS vulnerability (CVE-2024-37383) in the Roundcube Webmail client to target a governmental organization of a CIS country, Positive Technologies (PT) analysts have...

Hackers exploit Roundcube webmail flaw to steal email, credentials
2024-10-21 21:14

Threat actors have been exploiting a vulnerability in the Roundcube Webmail client to target government organizations in the Commonwealth of Independent States (CIS) region, the successor of the...

Google Scholar has a 'verified email' for Sir Isaac Newton
2024-10-19 13:00

It's true: Google Scholar profile of the renowned former physicist and polymath, Sir Isaac Newton bears a "verified email" note. According to Google Scholar, Isaac Newton is a "Professor of...

Israeli orgs targeted with wiper malware via ESET-branded emails
2024-10-18 10:23

Attackers have tried to deliver wiper malware to employees at organizations across Israel by impersonating cybersecurity company ESET via email. The phishing email The attack took the form of a...

Microsoft Outlook bug blocks email logins, causes app crashes
2024-10-10 15:18

Microsoft is investigating an Outlook bug causing desktop app crashes, high system resource usage, and preventing users from logging into their accounts. [...]

Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks
2024-10-09 04:22

Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense...

Google Pay alarms users with accidental ‘new card’ added emails
2024-10-06 13:00

Google Pay alarmed users this week after erroneously sending out "new card" added email notifications. Google has acknowledged that the email was "accidental" and that no user information was...

Over 5,000 Fake Microsoft Notifications Fueling Email Compromise Campaigns
2024-10-04 16:41

Check Point documented 5,000 emails coming from legitimate-looking organizational domains.

Two British-Nigerian men sentenced over multimillion-dollar business email scam
2024-10-03 12:30

Fraudsters targeted local government, colleges, and construction firms in Texas and North Carolina Two British-Nigerian men were sentenced for serious business email compromise schemes in the US...

Critical Zimbra RCE flaw exploited to backdoor servers using emails
2024-10-02 14:15

Hackers are actively exploiting a recently disclosed RCE vulnerability in Zimbra email servers that can be triggered simply by sending specially crafted emails to the SMTP server. [...]