SmarterTools confirms Warlock ransomware breach via unpatched email server

The intrusion originated from a single SmarterMail VM that had been set up by an employee and was not receiving updates.

Latest Security News

View Archive →

Security News

The activity may have involved recently disclosed flaws tracked as CVE-2025-40551 and CVE-2025-40536, or a previous issue (CVE-2025-26399).

February 10, 2026 3 min read

Security News

The activity exploits exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Redis servers, as well as the critical React2Shell vulnerability.

February 10, 2026 2 min read

Security News

The flaws (CVE-2026-1281 and CVE-2026-1340) allow attackers to remotely compromise mobile device management systems without authentication.

February 10, 2026 4 min read

Security News

The attackers are exploiting Signalu2019s legitimate features rather than malware or software vulnerabilities.

🕒 February 9, 2026 • 2 min read

Security News

TGR-STA-1030 relies on an extensive toolkit of frameworks, web shells, tunneling utilities to maintain long-term access.

🕒 February 9, 2026 • 3 min read

Security News

DKnife is a post-compromise framework designed for traffic monitoring and adversary-in-the-middle (AitM) attacks.

🕒 February 9, 2026 • 2 min read