When Documents Become the Attack Vector: Inside APT28’s Latest Microsoft Office Exploit
Email attachments remain one of the most trusted entry points into enterprise environments. Despite years of awareness training and secure...
SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score
Ravie LakshmananJan 30, 2026Vulnerability / Email Security SmarterTools has addressed two more security flaws in SmarterMail email software, including one...
You see an email ending in .eu.org. Must be legit, right?
At first glance, an email address ending in .eu.org looks trustworthy. It feels institutional, maybe even official. Many people implicitly...
Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms
Microsoft has warned of a multi‑stage adversary‑in‑the‑middle (AitM) phishing and business email compromise (BEC) campaign targeting multiple organizations in the...
Didn’t Request an Instagram Password Reset? Here’s What to Do
If you recently received an unexpected email from Instagram asking you to reset your password, you are not alone. Over...
SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release
Ravie LakshmananJan 22, 2026Vulnerability / Email Security A new security flaw in SmarterTools SmarterMail email software has come under active...
