email security
-
Researchers disclose critical SEPPMail gateway flaws that could allow remote code execution
Researchers disclosed seven critical flaws in SEPPMail Secure E-Mail Gateway that could allow remote code execution and reading of arbitrary mail. SEPPmail has issued fixes across recent versions, including patches for multiple CVEs rated above 9.0.
-
Robinhood fixes account creation flaw used to send phishing emails
Robinhood said attackers abused a flaw in its account creation flow to send phishing emails from a legitimate company address. The company said no customer accounts, personal information or funds were impacted.
-
Cisco Talos warns attackers are abusing GitHub and Jira notifications for phishing
Cisco Talos says attackers are abusing GitHub and Jira notification systems to send phishing emails that pass standard authentication checks and may look trusted to corporate users.
-
State-backed hackers exploited Libraesva ESG flaw; vendor issues urgent patch
Libraesva disclosed a state-sponsored exploitation of a vulnerability in its Email Security Gateway (ESG), tracked as CVE-2025-59689. The flaw, a command injection triggered by specially crafted compressed attachments, affects ESG versions 4.5 through 5.5.x before 5.5.7. Patches are available, and end-of-support for older builds mandates manual upgrades.
-
Cybercriminals Target Email Systems with Evolving Phishing Tactics in 2025
In 2025, cybercriminals are increasingly using low-tech and human-centric tactics to penetrate email security systems, with the rise of callback phishing and phishing attacks featuring malicious SVG file attachments. This trend highlights the need for businesses to reassess their email security strategies.
-
OCC Reports Major Data Breach Affecting National Bank Regulators
The OCC has confirmed a significant data breach involving over 150,000 emails, reported as a ‘major information security incident’. The breach, affecting national bank regulators, raises concerns about cybersecurity and data protection in government agencies.
