9 matches found
CVE-2025-5486
The WP Email Debug plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the WPMDBUGhandlesettings function in versions 1.0 to 1.1.0. This makes it possible for unauthenticated attackers to enable debugging and send all emails to an attacker controlled...
New QBot Banking Trojan Campaign Hijacks Business Emails to Spread Malware
A new QBot malware campaign is leveraging hijacked business correspondence to trick unsuspecting victims into installing the malware, new findings from Kaspersky reveal. The latest activity, which commenced on April 4, 2023, has primarily targeted users in Germany, Argentina, Italy, Algeria, Spai...
Attackers Hijack Email Using Proxy Logon/Proxyshell Flaws
Attackers are gnawing on the ProxyLogon and ProxyShell vulnerabilities in Microsoft Exchange Server to hijack email chains, by malspamming replies to ongoing email threads, researchers say. What’s still under discussion: whether the offensive is delivering SquirrelWaffle, the new email loader tha...
Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains
Squirrelwaffle is known for using the tactic of sending malicious spam as replies to existing email chains. We look into how by investigating its exploit of Microsoft Exchange Server vulnerabilities, ProxyLogon and ProxyShell...
Revamped Qbot Trojan Packs New Punch: Hijacks Email Threads
Attacks attributed to the Qbot trojan, known as the “Swiss Army knife” of malware, are on the uptick with a reported 100,000 recent infections, according to researchers. Qbot, an ever-evolving information-stealing trojan that’s been around since 2008, has shifted tactics again and adopted a bevy ...
Reading Your Emails With A Read&Write Chrome Extension Same Origin Policy Bypass (~8 Million Users Affected)
Summary Due to a lack of proper origin checks in the message passing from regular web pages, any arbitrary web page is able to call privileged background page APIs for the Read&Write Chrome extension vulnerable version 1.8.0.139. Many of these APIs allow for dangerous actions which are not meant ...
CVE-2017-9518
atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMTP hostname and hijack all emails...
CVE-2017-9518
atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMTP hostname and hijack all emails...
Report: Gmail Not Alone; Yahoo! And Hotmail Users Phished Also
In addition to widely publicized attacks targeting the Gmail accounts of government officials and activists, Trend Micro reported yesterday that Yahoo! Mail and Hotmail are being targeted with similar but separate attacks as well. The report, on Trend Micro’s Malware Blog on Thursday, was the fir...