Boardrooms fret about data security, and rightly so. Varonis says its new platform fixes it. We're not so sure.
Forget incremental updates. SEPPMail Secure E-Mail Gateway just dropped a bomb, revealing a cascade of vulnerabilities that could let attackers not just peek, but take the keys to your entire email kingdom. We're talking remote code execution and unfettered access to every message flowing through your enterprise. This isn't just a patch; it's a seismic shift in how we need to think about email gateway security.
A serious security flaw is actively being exploited in on-premise Microsoft Exchange Server installations. CVE-2026-42897 allows attackers to execute JavaScript through specially crafted emails.
Forget spoofed domains and compromised accounts. The new frontier of phishing is here, weaponizing trusted SaaS platforms like Microsoft Dynamics for massive, undetectable attacks.
Robinhood users weren't hacked, but they were tricked. A bizarre quirk in how the trading platform handled new accounts allowed attackers to send legitimate-looking phishing emails directly into users' inboxes.
So, Robinhood thought its new account emails were for welcoming users. Turns out, they were actually a perfectly crafted delivery system for scammers. Classic.
Thought open redirects were yesterday's news? Think again. They snagged 21% of phishing emails in early 2026, dodging filters like pros.
Phishing remains the most common initial attack vector for data breaches. Understanding the evolving tactics attackers use is essential for building effective defenses.