An unpatched high-severity security flaw has been disclosed in the open-source RainLoop web-based email client that could be weaponized to siphon emails from victims’ inboxes. “The code vulnerability […] can be easily exploited by an attacker by sending a malicious email to a victim that uses RainLoop as a mail client,” SonarSource security researcher Simon […]
Open source webmail provider Roundcube has released an update that addresses a critical vulnerability in all default configurations that could allow an attacker to run arbitrary code on the host operating system. The flaw is serious because it’s relatively simple to exploit and can allow an attacker to access email accounts or move deeper onto […]
IBM’s X-Force research team has uncovered a new piece of data-swiping malware whose modular design allows it to be quickly altered and made even more dangerous. CoreBot’s main threat is its ability to steal passwords stored in the endpoint’s browser in areas such as webmail accounts, ewallets, private certificates and other personal data sources. Even […]
Latest Comments