SmarterTools Breach Triggered by SmarterMail Flaw
The SmarterTools breach did not begin with phishing emails or stolen passwords. Instead, attackers entered the company’s network by exploiting a flaw in SmarterMail, the very product SmarterTools develops and maintains. The incident unfolded on January 29, 2026, when the Warlock ransomware group leveraged an authentication bypass vulnerability to gain control of an unpatched internal server. This breach serves as
Snapchat Account Hacking Left Hundreds of Accounts Exposed
Snapchat account hacking often succeeds not because of technical flaws, but because attackers understand how to manipulate people. A recent federal case in the United States illustrates this reality clearly, showing how a single individual accessed hundreds of private accounts by exploiting trust rather than exploiting software. The case highlights a growing pattern in cybercrime, where attackers bypass security protections
European Commission Data Breach Hits Staff Systems
A European Commission data breach has exposed internal staff contact information after attackers accessed a system used to manage official mobile devices. Investigators found no evidence that employee phones were directly compromised. However, the incident highlights how backend infrastructure can still become a valuable target. Even limited personal data exposure can create meaningful security risks when attackers use it to
Cloud Storage Payment Scam Floods Inboxes With Fake Renewals
Inbox phishing has entered a new phase as a widespread cloud storage payment scam targets users with urgent fake renewal notices. The messages claim storage plans have expired or payments failed, warning that files could soon be deleted. By exploiting fear around lost photos, backups, and documents, attackers pressure recipients into acting quickly and without verification. The campaign stands out
Nike Investigates Data Breach Linked To Extortion Group
Nike has launched a data breach investigation after an extortion group leaked internal company files online. The incident came to light when attackers published sample documents and claimed they had gained access to sensitive internal systems. Nike has confirmed it is assessing the situation, although it has not verified the attackers’ claims or the full scope of the alleged breach.
Mustang Panda Infostealers Expand CoolClient Backdoor
Mustang Panda infostealers are now playing a central role in the Chinese-linked threat actor’s espionage campaigns, marking a clear shift in how the group extracts value from compromised systems. Recent research shows that the CoolClient backdoor has evolved beyond basic remote access and now includes dedicated data-stealing capabilities. This development raises the risk profile of CoolClient infections, especially for government
Zendesk Spam Abuse Targets Global Support Systems
Zendesk spam abuse has triggered a massive global email wave, flooding inboxes with unsolicited messages sent through legitimate customer support systems. The campaign does not rely on malware or phishing links. Instead, it exploits how many companies configure their Zendesk ticket submission workflows, allowing attackers to weaponize trusted infrastructure at scale. The result has been widespread disruption. Victims report receiving
FortiGate Firewall Breach Exposes Network Configurations
A recent FortiGate firewall breach has highlighted how exposed perimeter infrastructure can create serious and lasting security risks. Attackers gained unauthorized access to FortiGate devices by reaching management interfaces that were accessible from the internet. This allowed them to export full configuration files without deploying malware or exploiting a software flaw. The incident shows how operational exposure alone can undermine
GhostPoster Extensions Linked to Stealth Malware Campaign
Security researchers have uncovered a widespread malicious browser extension campaign known as GhostPoster extensions, exposing how trusted add-ons can quietly turn into powerful malware. The campaign involved multiple extensions distributed through official browser stores and installed by hundreds of thousands of users. These extensions appeared harmless and useful. Many offered translation tools, text utilities, or browsing enhancements. Behind the scenes,
Gmail Address Change Lets Users Rename Their Inbox
Google has begun rolling out a long-awaited feature that allows users to change their Gmail address without creating a new account. The Gmail address change removes one of the platform’s most rigid limitations and gives users a way to modernize their email identity without losing years of data. For many people, Gmail addresses were created early in their digital lives,
