CVE-2026-23760
-
Microsoft links Medusa ransomware affiliate to rapid zero-day attacks
Microsoft said Storm-1175 has used n-day and zero-day flaws in rapid Medusa ransomware attacks, sometimes within 24 hours of initial access, and has hit healthcare, education, finance and other sectors.
-
Warlock ransomware breaches network through unpatched SmarterMail instance
A SmarterTools community advisory says the Warlock gang breached an unpatched SmarterMail instance on January 29, 2026, affecting about 12 Windows servers and a secondary data center. Updates and isolation were recommended to limit spread.
-
Over 6,000 SmarterMail servers exposed and likely vulnerable to critical auth bypass
Shadowserver found more than 6,000 SmarterMail servers exposed and likely vulnerable to CVE-2026-23760, a critical authentication bypass that can reset admin passwords and allow remote code execution. A vendor fix was released in build 9511.
