SmarterMail auth bypass flaw now exploited to hijack admin accounts

Hackers began exploiting an authentication bypass vulnerability in SmarterTools' SmarterMail email server and collaboration ...

Data Leak Exposes 149M Logins, Including Gmail, Facebook

A massive unsecured database exposed 149 million logins, raising concerns over infostealer malware and credential theft.
SecurityWeek

Fresh SmarterMail Flaw Exploited for Admin Access

Threat actors started exploiting a SmarterMail authentication bypass flaw for remote code execution only days after patches ...
The Hacker News

SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release

A newly patched SmarterMail flaws is being exploited in the wild, allowing attackers to reset admin passwords and gain SYSTEM ...

Fake Lastpass emails pose as password vault backup alerts

LastPass is warning of a new phishing campaign disguised as a maintenance notification from the service, asking users to back ...
Infosecurity Magazine

Critical Appsmith Flaw Enables Account Takeovers

An attacker can request a password reset for a victim's email address while modifying the Origin header to point to an ...

Under Armour Ransomware Attack Exposes 72M Email Addresses

Many records also contained additional personal information such as names, dates of birth, genders, geographic locations, and ...

Popular password manager under attack by hackers — don't fall for these fake backup emails

LastPass users should avoid emails recommending local vault backups, as a new holiday weekend phishing scam is currently ...
PCMag

LastPass Says Even More Phishing Emails Are Being Sent to Its Users

The password manager says customers began receiving emails on Jan. 19. Another wave of emails was sent by scammers a few days later.