Robinhood account creation flaw abused to send phishing emails
Online trading platform Robinhood’s account creation process was exploited by threat actors to inject phishing messages into legitimate emails, tricking users into believing their accounts had suspicious activity. Starting last night, Robinhood customers began receiving “Your recent login to Robinhood” emails stating that an “Unrecognized Device Linked to Your Account” was detected, containing unusual IP addresses […]
Microsoft says Outlook.com outage is causing sign‑in failures
Microsoft is investigating an ongoing Outlook.com outage that is causing intermittent signing issues and preventing customers from accessing their mailboxes. Since the incident started over three hours ago, outage monitoring service Downdetector has received thousands of user reports, with most affected users reporting login problems and connection issues. In an update on the company’s official Service Health Status […]
Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks
Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw, according to nonprofit security organization Shadowserver. Zimbra is a popular email and collaboration software suite used by hundreds of millions of people worldwide, including hundreds of government agencies and thousands of businesses. The vulnerability (tracked as CVE-2025-48700) […]
Apple account change alerts abused to send phishing emails
Apple account change notifications are being abused to send fake iPhone purchase phishing scams within legitimate emails sent from Apple’s servers, increasing legitimacy and potentially allowing them to bypass spam filters. A reader shared an email with GeekFeed that appeared to be a standard Apple security notification that stated their account information had been updated. […]
New ATHR vishing platform uses AI voice agents for automated attacks
A new cybercrime platform called ATHR can harvest credentials via fully automated voice phishing attacks that use both human operators and AI agents for the social engineering phase. The malicious operation is advertised on underground forums for $4,000 and a 10% comission from profits, and can steal login data for multiple services, including Google, Microsoft, […]
Google rolls out Gmail end-to-end encryption on mobile devices
Google says Gmail end-to-end encryption (E2EE) is now available on all Android and iOS devices, allowing enterprise users to read and compose emails without additional tools. Starting this week, encrypted messages will be delivered as regular emails to Gmail recipients’ inboxes if they use the Gmail app. Recipients who don’t have the Gmail mobile app […]
Microsoft fixes Classic Outlook bug causing email delivery issues
Microsoft has resolved a known issue that was preventing some Classic Outlook users from sending emails via Outlook.com. As the company explained when it acknowledged the issue last week, affected users were being warned that some of their messages hadn’t reached intended recipients. Microsoft said that those experiencing this issue would encounter it more often when […]
Microsoft links Classic Outlook issue to email delivery problems
Microsoft is investigating a known issue that prevents some Classic Outlook users from sending emails via Outlook.com. Affected users are being warned that their message hasn’t reached some intended recipients, and they will encounter this problem more often when the Outlook.com account they use to send email is an Outlook profile linked to another Exchange […]
Microsoft still working to fix Exchange Online mailbox access issues
Microsoft is investigating and working to resolve Exchange Online mailbox access issues that have intermittently affected Outlook mobile and macOS users for weeks. When it first acknowledged this service issue (tracked under EX1256020) last week, Microsoft said the root cause was a newly introduced virtual account. While the company flagged it as resolved on April 1, […]
Google now allows you to change your @gmail.com address
Google is rolling out a new feature that allows users in the U.S. to change their @gmail address or create a new alias. This feature was first spotted in October 2025 and showed up on some Google accounts by the end of the year, but it was not available in the United States. Starting today, Google says […]