email security

Proxmox Mail Gateway: Open-source email security solution reaches version 9.0
First released in 2005, the open-source Proxmox Mail Gateway has become a widely adopted mail proxy, positioned between the firewall and the internal mail server to stop …

How attackers poison AI tools and defenses
Cyberattackers are using generative AI to draft polished spam, create malicious code and write persuasive phishing lures. They are also learning how to turn AI systems …

Libraesva ESG zero-day vulnerability exploited by attackers (CVE-2025-59689)
Suspected state-sponsored attackers have exploited a zero-day vulnerability (CVE-2025-59689) in the Libraesva Email Security Gateway (ESG), the Italian email security company …

The state of DMARC adoption: What 10M domains reveal
In this Help Net Security video, John Wilson, Senior Fellow, Threat Research at Fortra, explores the state of DMARC adoption across the top 10 million internet domains. He …

For $40, you can buy stolen police and government email accounts
Active police and government email accounts are being sold on the dark web for as little as $40, giving cybercriminals a direct line into systems and services that rely on …

Cybercriminals are getting personal, and it’s working
Cybercriminals are deploying unidentifiable phishing kits (58% of phishing sites) to propagate malicious campaigns at scale, indicating a trend towards custom-made or …

Email security risks healthcare IT can’t afford to ignore
92% of healthcare IT leaders say they’re confident in their ability to prevent email-based data breaches, but according to Paubox, they’re not. Healthcare compliance …

Employees repeatedly fall for vendor email compromise attacks
In just 12 months, attackers attempted to steal more than $300 million via vendor email compromise (VEC), with 7% of engagements coming from employees who had engaged with a …

Russia-linked hackers target webmail servers in Ukraine-related espionage operation
ESET researchers have uncovered RoundPress, a Russia-aligned espionage operation targeting webmail servers via XSS vulnerabilities. Behind it is most likely the Russia-aligned …

Low-tech phishing attacks are gaining ground
Cybercriminals are increasingly favoring low-tech, human-centric attacks to bypass email scanning technologies, according to VIPRE Security. The report is based on an analysis …

CISA warns about actively exploited Broadcom, Commvault vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has added three new flaws to its Known Exploited Vulnerabilities catalog on Monday, affecting Commvault …

Google is making sending end-to-end encrypted emails easy
Sending end-to-end encrypted (E2EE) emails from Gmail enterprise accounts is about to become much easier than it is now, Google has announced on Tuesday. The company will …