Mozilla announced last week plans to modernize Thunderbird's codebase, plans that include fixing some "technical debt" by incorporating the recent changes in the Mozilla engine into Thunderbird, adding a new user interface (UI), and phasing out old legacy add-ons that are built on the XUL and XPCOM APIs.
German security researcher Sabri Haddouche has discovered a set of vulnerabilities that he collectively refers to as Mailsploit, and which allow an attacker to spoof email identities, and in some cases, run malicious code on the user's computer.
A critical remote code execution flaw affects over half of the Internet's email servers, and there's no fix for it available, just yet.
Hackers have taken over the email account of a Louisiana funeral home and are sending email scams to the company's customers, asking for money.
Users who utilized Microsoft Outlook to send out secure emails encrypted via the S/MIME standard might have had the content of those emails leaked by an Outlook bug.
A new email attack scenario nicknamed ROPEMAKER allows a threat actor to change the content of emails received by targets via remote CSS files.
Facebook has awarded this year's Internet Defense Prize worth $100,000 to a team of researchers from the University of California, Berkeley, who came up with a new method of detecting spear-phishing attacks in closely monitored enterprise networks.
Jason Needham, 45, of Arlington, Tennessee was sentenced last week to 18 months in prison and two years of supervised release for hacking his former company's FTP server and the email account of one of his former colleagues.
Posteo, the email provider where the Petya author is hosting an inbox to handle victims from today's massive ransomware outbreak, has announced that it shut down the crook's email account: email@example.com.
A "determined" attacker has breached the email system of the UK Parliament over the weekend, according to a statement put out by the UK government on Sunday afternoon.
Britain's Internet regulator, the Information Commissioner's Office (ICO), has fined the city council of Gloucester with £100,000 ($125,000) after local authorities failed to apply a security update for almost three months.
There is a way to inject malicious content into email servers running email encryption appliances, a technique that allows attackers to go around email security products.
Microsoft said last week it's fixing the infamous J bug that affected the company's Outlook service for the past seven years, according to a report from last week.
After exploring plans of ditching the Thunderbird project in the lap of another organization, the Mozilla Foundation has decided to keep its infamous email client under its wing for a little longer, albeit in a new role, and not as a core project.
Polish security expert Dawid Golunski has discovered a zero-day in the WordPress password reset mechanism that would allow an attacker to obtain the password reset link, under certain circumstances.
A malware infection affecting servers belonging to the Virginia State Police (VSP) has shut down the department's email system, along with its ability to update the Virginia Sex Offender and Crimes Against Children Registry (SOR).
A simple email marketing trick is also abused by cyber-criminals, who are employing a technique known as "pixel tracking" to gather information on possible targets or to improve the efficiency of phishing attacks.
Corporate email addresses are 4.3 more likely to receive malware compared to personal accounts, 6.2 times more likely to receive phishing lures, and 0.4 times less likely to receive spam.
The Email Privacy Act (EPA) is for the second year in a row in front of the US Senate after the US House of Representatives approved the bill on Monday.
A former IT administrator for the American College of Education (ACE) in Indiana was ordered to pay damages of $248,350 after a court found him responsible after the institution lost access to its email system.