SmarterMail auth bypass flaw now exploited to hijack admin accounts
Hackers began exploiting an authentication bypass vulnerability in SmarterTools' SmarterMail email server and collaboration tool that allows resetting admin passwords. [...]
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Hackers began exploiting an authentication bypass vulnerability in SmarterTools' SmarterMail email server and collaboration tool that allows resetting admin passwords. [...]
Attackers Read Server Files and Steal Credentials in Gladinet CentreStack, TriofoxHackers are exploiting a flaw allowing them to access without authentication document root folder files in file-sharing and remote-access software, where they obtain access tokens and passwords to unlock remote access to corporate file systems, warn researchers.
Attackers Read Server Files and Steal Credentials in Gladinet CentreStack, TriofoxHackers are exploiting a flaw allowing them to access without authentication document root folder files in file-sharing and remote-access software, where they obtain access tokens and passwords to unlock remote access to corporate file systems, warn researchers.
Hardcoded passwords and path traversals keeping bug hunters in work Security researchers have issued a warning about a pre-authentication exploit chain affecting a CMS used by some of the biggest companies in the world.…
Microsoft's Visual Studio Code (VS Code) code editor and development environment contains a flaw that allows malicious extensions to retrieve authentication tokens stored in Windows, Linux, and macOS credential managers. [...]