The threat actor infected victims with the Snow malware family – Snowbelt, Snowglaze, and Snowbasin – for persistent access.
The post UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware appeared first on SecurityWeek.
The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface
New analysis from Abnormal AI reveals how attackers have abandoned technical exploits to weaponize routine workflows and internal trust.
The post The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface appeared first on SecurityWeek.
Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users
The feature allows enterprise users to compose and read end-to-end encrypted messages natively on their mobile devices.
The post Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users appeared first on SecurityWeek.
FBI Confirms Kash Patel Email Hack as US Offers $10M Reward for Hackers
The agency said Iranian hackers targeted the director’s personal email account and noted that the compromised information is old.
The post FBI Confirms Kash Patel Email Hack as US Offers $10M Reward for Hackers appeared first on SecurityWeek.
Recent RoundCube Webmail Vulnerability Exploited in Attacks
Patched in December 2025, the exploited flaw leads to XSS attacks via the animate tags in SVG documents.
The post Recent RoundCube Webmail Vulnerability Exploited in Attacks appeared first on SecurityWeek.
Fresh SmarterMail Flaw Exploited for Admin Access
The exploitation of the authentication bypass vulnerability started two days after patches were released.
The post Fresh SmarterMail Flaw Exploited for Admin Access appeared first on SecurityWeek.
Webinar Today: Rethinking Email Security for Mid-Sized Organizations
See how modern AI-driven detection can block sophisticated attacks that traditional tools miss
The post Webinar Today: Rethinking Email Security for Mid-Sized Organizations appeared first on SecurityWeek.
Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks
Threat actors spoof legitimate domains to make their phishing emails appear to have been sent internally.
The post Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks appeared first on SecurityWeek.
Sublime Security Raises $150 Million for Email Security Platform
Sublime Security’s Series C funding round brings the total raised by the company to more than $240 million.
The post Sublime Security Raises $150 Million for Email Security Platform appeared first on SecurityWeek.
Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers
Tracked as CVE-2025-59689, the command injection bug could be triggered via malicious emails containing crafted compressed attachments.
The post Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers appeared first on SecurityWeek.
