Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/06/08 7:19 a.m.20 views

CVE-2025-5486

The WP Email Debug plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the WPMDBUGhandlesettings function in versions 1.0 to 1.1.0. This makes it possible for unauthenticated attackers to enable debugging and send all emails to an attacker controlled...

9.8CVSS9.8AI score0.00435EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2023/04/17 4:6 p.m.5 views

New QBot Banking Trojan Campaign Hijacks Business Emails to Spread Malware

A new QBot malware campaign is leveraging hijacked business correspondence to trick unsuspecting victims into installing the malware, new findings from Kaspersky reveal. The latest activity, which commenced on April 4, 2023, has primarily targeted users in Germany, Argentina, Italy, Algeria, Spai...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2021/11/22 7:26 p.m.271 views

Attackers Hijack Email Using Proxy Logon/Proxyshell Flaws

Attackers are gnawing on the ProxyLogon and ProxyShell vulnerabilities in Microsoft Exchange Server to hijack email chains, by malspamming replies to ongoing email threads, researchers say. What’s still under discussion: whether the offensive is delivering SquirrelWaffle, the new email loader tha...

10CVSS10AI score0.99999EPSS
Exploits78References39
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/11/19 12:0 a.m.16 views

Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains

Squirrelwaffle is known for using the tactic of sending malicious spam as replies to existing email chains. We look into how by investigating its exploit of Microsoft Exchange Server vulnerabilities, ProxyLogon and ProxyShell...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2020/08/27 11:14 a.m.18 views

Revamped Qbot Trojan Packs New Punch: Hijacks Email Threads

Attacks attributed to the Qbot trojan, known as the “Swiss Army knife” of malware, are on the uptick with a reported 100,000 recent infections, according to researchers. Qbot, an ever-evolving information-stealing trojan that’s been around since 2008, has shifted tactics again and adopted a bevy ...

Exploits0References8
The Hacker Blog
The Hacker Blog
added 2018/06/05 6:59 a.m.26 views

Reading Your Emails With A Read&Write Chrome Extension Same Origin Policy Bypass (~8 Million Users Affected)

Summary Due to a lack of proper origin checks in the message passing from regular web pages, any arbitrary web page is able to call privileged background page APIs for the Read&Write Chrome extension vulnerable version 1.8.0.139. Many of these APIs allow for dangerous actions which are not meant ...

7AI score
Exploits0
OSV
OSV
added 2017/06/08 2:29 p.m.4 views

CVE-2017-9518

atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMTP hostname and hijack all emails...

8.8CVSS5.8AI score0.00451EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/06/08 2:0 p.m.24 views

CVE-2017-9518

atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMTP hostname and hijack all emails...

8.7AI score0.00451EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2011/06/03 3:15 p.m.13 views

Report: Gmail Not Alone; Yahoo! And Hotmail Users Phished Also

In addition to widely publicized attacks targeting the Gmail accounts of government officials and activists, Trend Micro reported yesterday that Yahoo! Mail and Hotmail are being targeted with similar but separate attacks as well. The report, on Trend Micro’s Malware Blog on Thursday, was the fir...

0.1AI score
Exploits0References5
Rows per page
Query Builder