ransomNewsFeb 23
⚠️ SmarterMail flaws rapidly weaponized on Telegram Threat actors are sharing exploits for newly disclosed #SmarterMail vulnerabilities across #Telegram channels, accelerating mass scanning and compromise attempts before patch adoption,. #ransomNews #ZeroDay #ThreatIntel
ClaudiaFeb 23

⚠️ SmarterMail flaws rapidly weaponized on Telegram

Threat actors are sharing exploits for newly disclosed #SmarterMail vulnerabilities across #Telegram channels, accelerating mass scanning and compromise attempts before patch adoption, highlighting the shrinking window between disclosure and active exploitation.

#ransomNews #ZeroDay #ThreatIntel

CyberVeille.chFeb 11
📢 SmarterTools détaille une intrusion via un serveur SmarterMail non patché et les activités du Warlock Group
📝 Source: SmarterTools (communiqué...
📖 cyberveille : https://cyberveille.ch/posts/2026-02-11-smartertools-detaille-une-intrusion-via-un-serveur-smartermail-non-patche-et-les-activites-du-warlock-group/
🌐 source : https://portal.smartertools.com/community/a97747/summary-of-smartertools-breach-and-smartermail-cves.aspx
#Correctifs_de_sécurité #SmarterMail #Cyberveille
SmarterTools détaille une intrusion via un serveur SmarterMail non patché et les activités du Warlock Group

Source: SmarterTools (communiqué de Derek Curtis). Contexte: retour d’expérience après une intrusion constatée le 29 janvier 2026, avec précisions sur l’impact, les correctifs SmarterMail et les comportements malveillants observés chez des clients. SmarterTools indique qu’un serveur SmarterMail Windows non mis à jour (VM oubliée) a servi de point d’entrée, entraînant une intrusion réseau. La segmentation a limité l’impact: le site, la boutique et le portail clients n’ont pas été affectés; aucune application métier ni donnée de compte compromise. Des serveurs de lab/QC au data center ont été restaurés depuis une sauvegarde de 6 h par prudence.

CyberVeille
ransomNewsFeb 10
🚨 Warlock gang exploits SmarterMail flaws The #Warlock ransomware group abused critical SmarterMail bugs to gain unauthenticated access, execute code, and compromise exposed mail servers running unpatched SmarterTools installations. #ransomNews #SmarterMail #Ransomware
Marcel SIneM(S)USFeb 6
Jetzt updaten! Angreifer übernehmen #SmarterMail-Instanzen als Admin | Security https://www.heise.de/news/Jetzt-updaten-Angreifer-uebernehmen-SmarterMail-Instanzen-als-Admin-11163471.html #Patchday
Jetzt updaten! Angreifer übernehmen SmarterMail-Instanzen als Admin

Drei kritische Sicherheitslücken bedrohen SmarterTools E-Mail-Software SmarterMail. Ein Sicherheitsupdate ist verfügbar.

heise online
RedPacket SecurityFeb 5

CVE Alert: CVE-2026-24423 - SmarterTools - SmarterMail - https://www.redpacketsecurity.com/cve-alert-cve-2026-24423-smartertools-smartermail/

#OSINT #ThreatIntel #CyberSecurity #cve-2026-24423 #smartertools #smartermail

CVE Alert: CVE-2026-24423 - SmarterTools - SmarterMail - RedPacket Security

SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API method. The

RedPacket Security
securityaffairsJan 30
SmarterTools patches critical #SmarterMail flaw allowing code execution
https://securityaffairs.com/187496/security/smartertools-patches-critical-smartermail-flaw-allowing-code-execution.html
#securityaffairs #hacking
SmarterTools patches critical SmarterMail flaw allowing code execution

SmarterTools fixed two SmarterMail flaws, including a critical bug (CVE-2026-24423) that could allow arbitrary code execution.

Security Affairs
The New OilJan 28

Over 6,000 #SmarterMail servers exposed to automated hijacking attacks

https://www.bleepingcomputer.com/news/security/over-6-000-smartermail-servers-exposed-to-automated-hijacking-attacks/

#email #cybersecurity #SmarterTools

Over 6,000 SmarterMail servers exposed to automated hijacking attacks

Nonprofit security organization Shadowserver has found over 6,000 SmarterMail servers exposed online and likely vulnerable to attacks exploiting a critical authentication bypass vulnerability.

BleepingComputer
securityaffairsJan 27
#Shadowserver finds 6,000+ likely vulnerable #SmarterMail servers exposed online
https://securityaffairs.com/187394/hacking/shadowserver-finds-6000-likely-vulnerable-smartermail-servers-exposed-online.html
#securityaffairs #hacking
Shadowserver finds 6,000+ likely vulnerable SmarterMail servers exposed online

Shadowserver researchers found 6,000+ SmarterMail servers exposed online and likely vulnerable to a critical auth bypass flaw.

Security Affairs
The New OilJan 23

#SmarterMail auth bypass flaw now exploited to hijack admin accounts

https://www.bleepingcomputer.com/news/security/smartermail-auth-bypass-flaw-now-exploited-to-hijack-admin-accounts/

#cybersecurity

SmarterMail auth bypass flaw now exploited to hijack admin accounts

Hackers began exploiting an authentication bypass vulnerability in SmarterTools' SmarterMail email server and collaboration tool that allows resetting admin passwords.

BleepingComputer