email security

State-backed hackers exploited Libraesva ESG flaw; vendor issues urgent patch

News, Risk, Vendors, Vulnerabilities

September 24, 2025

Libraesva disclosed a state-sponsored exploitation of a vulnerability in its Email Security Gateway (ESG), tracked as CVE-2025-59689. The flaw, a command injection triggered by specially crafted compressed attachments, affects ESG versions 4.5 through 5.5.x before 5.5.7. Patches are available, and end-of-support for older builds mandates manual upgrades.
Cybercriminals Target Email Systems with Evolving Phishing Tactics in 2025

Cybercrime, News, Privacy, Vulnerabilities

May 1, 2025

In 2025, cybercriminals are increasingly using low-tech and human-centric tactics to penetrate email security systems, with the rise of callback phishing and phishing attacks featuring malicious SVG file attachments. This trend highlights the need for businesses to reassess their email security strategies.
OCC Reports Major Data Breach Affecting National Bank Regulators

Cybercrime, News, Policy, Vulnerabilities

April 9, 2025

The OCC has confirmed a significant data breach involving over 150,000 emails, reported as a ‘major information security incident’. The breach, affecting national bank regulators, raises concerns about cybersecurity and data protection in government agencies.