INSPECTING ARCHIVED INTELLIGENCE (OUTDATED VERSION).
SmarterMail Ransomware Breaches Through Unpatched Server
| 2026-02-10 10:24 CRITICAL HIGHExecutive Summary AI-generated
The Warlock ransomware gang has breached SmarterTools' network by exploiting an unpatched SmarterMail instance, which is just one of several incidents that have highlighted the vulnerability of outdated software. The attack involved the abuse of CVE-2026-23760 to bypass authentication and stage the ransomware payload on internet-facing systems. This pace of weaponization suggests a rapid analysis of vendor fixes by operators, who are developing working tradecraft shortly after release. SmarterTools has advised users to upgrade to the latest version with immediate effect for optimal protection, while also isolating mail servers to block lateral movement attempts used to deploy ransomware. The incident serves as a reminder that cybersecurity is not just about patching vulnerabilities but also about staying ahead of attackers who rapidly analyze and exploit them.
Technical Mitigations AI-generated
* Ensure that SmarterMail instances are updated to the latest version, specifically build 9511 or higher, as soon as possible after discovering a vulnerability.
* Implement a patching strategy for vulnerable systems and services, such as updating operating systems and software to the latest versions.
* Monitor network traffic and system logs for signs of ransomware activity, and take immediate action if suspicious behavior is detected.
* Use secure coding practices when developing applications that interact with SmarterMail, including following best practices for input validation and sanitization.
* Consider implementing a two-factor authentication (2FA) or multi-factor authentication (MFA) protocol to add an extra layer of security against unauthorized access.
Technical Observables
Intelligence Metadata
Actors / Malware / CVEs / Campaigns
CVE-2026-23760CVE-2026-23760
CVE-2025-52691CVE-2025-52691
CVE-2026-24423CVE-2026-24423
CVE-2026-25067CVE-2026-25067
Target & Sectors
LA
Incident Timeline
January 15, 2026
Threat actors exploited an unpatched SmarterMail Server vulnerability to gain access to SmarterTools' Warlock Ransomware.
January 22, 2026
Threat actors exploited an unpatched SmarterMail Server vulnerability to gain access and infect the Warlock Ransomware.
January 29, 2026
SmarterMail servers were compromised through unpatched SmarterTools systems.
Click on any entity below to view its context and source!
organisation
SmarterTrack
According to its CEO, Tim Uzzanti, the "attempted ransomware attack" also impacted hosted customers using SmarterTrack.
organisation
ReliaQuest
In a report published Monday, cybersecurity company ReliaQuest said it identified activity likely linked to Warlock that involved the abuse of CVE-2026-23760 to bypass authentication and stage the ransomware payload on internet-facing systems.
organisation
Velociraptor
"Upon entry, the group installs Velociraptor, a legitimate digital forensics tool it has used in previous campaigns, to maintain access and set the stage for ransomware.
organisation
The Hacker News
"
When reached for comment about the Warlock ransomware activity targeting SmarterTools, ReliaQuest told The Hacker News that it observed the attackers exploiting CVE-2026-23760 on unpatched systems running versions prior to Build 9511 shortly after the patch was released.
infrastructure
Smartermail
"
Users of SmarterMail are advised to upgrade to the latest version (
Build 9526
) with immediate effect for optimal protection, and isolate mail servers to block lateral movement attempts used to deploy ransomware.
"Prior to the breach, we had approximately 30 servers/VMs with SmarterMail installed throughout our network," Curtis
explained
.
"
It's currently not clear which SmarterMail vulnerability was weaponized by attackers, but it's worth noting that multiple flaws in the email software –
CVE-2025-52691
(CVSS score: 10.0),
CVE-2026-23760
, and
CVE-2026-24423
(CVSS scores: 9.3) – have come under active exploitation in the wild.
CVE-2026-23760 is an authentication bypass flaw that could allow any user to reset the SmarterMail system administrator password by sending a specially crafted HTTP request.
infrastructure
30 servers
"Prior to the breach, we had approximately 30 servers/VMs with SmarterMail installed throughout our network," Curtis
explained
.
organisation
CVE-2025-52691
"
It's currently not clear which SmarterMail vulnerability was weaponized by attackers, but it's worth noting that multiple flaws in the email software –
CVE-2025-52691
(CVSS score: 10.0),
CVE-2026-23760
, and
CVE-2026-24423
(CVSS scores: 9.3) – have come under active exploitation in the wild.
infrastructure
10.0
"
It's currently not clear which SmarterMail vulnerability was weaponized by attackers, but it's worth noting that multiple flaws in the email software –
CVE-2025-52691
(CVSS score: 10.0),
CVE-2026-23760
, and
CVE-2026-24423
(CVSS scores: 9.3) – have come under active exploitation in the wild.
infrastructure
9.3
"
It's currently not clear which SmarterMail vulnerability was weaponized by attackers, but it's worth noting that multiple flaws in the email software –
CVE-2025-52691
(CVSS score: 10.0),
CVE-2026-23760
, and
CVE-2026-24423
(CVSS scores: 9.3) – have come under active exploitation in the wild.
organisation
CVSS
"
It's currently not clear which SmarterMail vulnerability was weaponized by attackers, but it's worth noting that multiple flaws in the email software –
CVE-2025-52691
(CVSS score: 10.0),
CVE-2026-23760
, and
CVE-2026-24423
(CVSS scores: 9.3) – have come under active exploitation in the wild.
organisation
API
"
The security outfit also noted that the two vulnerabilities have the same net result: while CVE-2026-23760 grants unauthenticated administrative access via the password reset API, which can then be combined with the mounting logic to attain code execution, CVE-2026-24423 offers a more direct path to code execution through an API path.
organisation
CVE-2026
"
The security outfit also noted that the two vulnerabilities have the same net result: while CVE-2026-23760 grants unauthenticated administrative access via the password reset API, which can then be combined with the mounting logic to attain code execution, CVE-2026-24423 offers a more direct path to code execution through an API path.
infrastructure
Windows
About 12 Windows servers on the company's office network, as well as a secondary data center used for quality control (QC) tests, are confirmed to be affected.
infrastructure
12 Windows servers
About 12 Windows servers on the company's office network, as well as a secondary data center used for quality control (QC) tests, are confirmed to be affected.
organisation
MSI
The attack also leverages the initial access to download a malicious MSI installer ("v4.msi") from Supabase, a legitimate cloud-based backend platform, to install
Velociraptor
.
organisation
Supabase
The attack also leverages the initial access to download a malicious MSI installer ("v4.msi") from Supabase, a legitimate cloud-based backend platform, to install
Velociraptor
.
organisation
the Active Directory
"
Furthermore, SmarterTools acknowledged that the Warlock group waited for a couple of days after gaining initial access to take control of the Active Directory server and create new users, followed by dropping additional payloads like
Velociraptor
and the locker to encrypt files.
Jan 30, 2026
Threat actors used a known vulnerability in SmarterMail Server to gain unauthorized access and exploit an unpatched version of SmarterTools' software.
Jan 30
SmarterTools addressed two security flaws in SmarterMail email software, including a critical one that could result in arbitrary code execution.
Click on any entity below to view its context and source!
infrastructure
Smartermail
Ravie Lakshmanan
Jan 30, 2026
Vulnerability / Email Security
SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary code execution.
organisation
SmarterMail
Ravie Lakshmanan
Jan 30, 2026
Vulnerability / Email Security
SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary code execution.
organisation
SmarterTools
Ravie Lakshmanan
Jan 30, 2026
Vulnerability / Email Security
SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary code execution.
organisation
Vulnerability / Email Security
Ravie Lakshmanan
Jan 30, 2026
Vulnerability / Email Security
SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary code execution.
2026-02-03
SmarterTools confirmed last week that the Warlock ransomware gang breached its network by exploiting an unpatched SmarterMail instance.
Click on any entity below to view its context and source!
tactic
Ransomware
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance.
Last week, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed that CVE-2026-24423 was being exploited in ransomware attacks.
infrastructure
Smartermail
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance.
organisation
SmarterMail
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance.
organisation
SmarterTools
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance.
organisation
Storm-2603
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance.
vulnerability
CVE-2026-24423
Last week, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed that CVE-2026-24423 was being exploited in ransomware attacks.
attribution
CISA
Last week, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed that CVE-2026-24423 was being exploited in ransomware attacks.
attribution
CVE-2026
Last week, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed that CVE-2026-24423 was being exploited in ransomware attacks.
WT-2026-0001
Threat actors used SmarterMail Server vulnerabilities to target SmarterTools through unpatched SmarterMail servers.
Click on any entity below to view its context and source!
vulnerability
CVE-2026-24423
Alrededor del mismo tiempo que SmarterTools parche CVE-2026-24423, los investigadores de relojTowr descubrieron otro defecto de bypass de autenticación, rastreado internamente como WT-2026-0001.
organisation
los investigadores de relojTowr
Alrededor del mismo tiempo que SmarterTools parche CVE-2026-24423, los investigadores de relojTowr descubrieron otro defecto de bypass de autenticación, rastreado internamente como WT-2026-0001.
organisation
defecto de bypass de autenticación
Alrededor del mismo tiempo que SmarterTools parche CVE-2026-24423, los investigadores de relojTowr descubrieron otro defecto de bypass de autenticación, rastreado internamente como WT-2026-0001.
2026-02-10
SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API method.
Click on any entity below to view its context and source!
infrastructure
Smartermail
CISA warns of SmarterMail RCE flaw used in ransomware attacks.
La Agencia de Seguridad de la Ciberseguridad e Infraestructura de los Estados Unidos (CISA) está advirtiendo que los agentes ransomware están explotando CVE-2026-24423, una vulnerabilidad crítica en SmarterMail que permite la ejecución de código remoto sin autenticación.
Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server.
SmarterMail es un servidor de correo electrónico basado en Windows y una plataforma de colaboración de SmarterTools.
La falla CVE-2026-24423 afecta las versiones SmarterTools SmarterMail antes de construir 9511, y la explotación exitosa puede llevar a la ejecución remota de códigos (RCE) a través de la API ConnectToHub.
El vendedor arregló la falla el 15 de enero en SmarterMail Build 9511.
“SmarterTools SmarterMail contiene una autentificación perdida para una vulnerabilidad de función crítica en el método ConnectToHub API”, el
agencia gubernamental
adviertes
.
“Esto podría permitir que el atacante señale la instancia SmarterMail a un servidor HTTP malicioso que sirve el comando OS malicioso y podría llevar a la ejecución de comandos.”
CISA ha dado a organismos federales y entidades con obligaciones
Desde entonces, SmarterMail ha fijado fallos adicionales de seguridad calificados “críticos”, por lo que se recomienda que los administradores del sistema actualicen a los
más reciente
, actualmente 9526, liberado el 30 de enero.
SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score.
"SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API method," according to a
description of the flaw
in CVE.org.
"The attacker could point the SmarterMail to the malicious HTTP server, which serves the malicious OS [operating system] command.
"On Windows systems, this allows UNC [Universal Naming Convention] paths to be resolved, causing the SmarterMail service to initiate outbound SMB authentication attempts to attacker-controlled hosts.
With two vulnerabilities in SmarterMail coming under active exploitation over the past week, it's essential that users update to the latest version as soon as possible.
infrastructure
Windows
SmarterMail es un servidor de correo electrónico basado en Windows y una plataforma de colaboración de SmarterTools.
"On Windows systems, this allows UNC [Universal Naming Convention] paths to be resolved, causing the SmarterMail service to initiate outbound SMB authentication attempts to attacker-controlled hosts.
organisation
SmarterMail
SmarterMail es un servidor de correo electrónico basado en Windows y una plataforma de colaboración de SmarterTools.
organisation
un
SmarterMail es un servidor de correo electrónico basado en Windows y una plataforma de colaboración de SmarterTools.
organisation
La falla CVE-2026-24423
La falla CVE-2026-24423 afecta las versiones SmarterTools SmarterMail antes de construir 9511, y la explotación exitosa puede llevar a la ejecución remota de códigos (RCE) a través de la API ConnectToHub.
organisation
remota de códigos
La falla CVE-2026-24423 afecta las versiones SmarterTools SmarterMail antes de construir 9511, y la explotación exitosa puede llevar a la ejecución remota de códigos (RCE) a través de la API ConnectToHub.
organisation
El vendedor
El vendedor arregló la falla el 15 de enero en SmarterMail Build 9511.
organisation
SmarterMail Build
El vendedor arregló la falla el 15 de enero en SmarterMail Build 9511.
organisation
Desde
Desde entonces, SmarterMail ha fijado fallos adicionales de seguridad calificados “críticos”, por lo que se recomienda que los administradores del sistema actualicen a los
más reciente
, actualmente 9526, liberado el 30 de enero.
organisation
el 30
Desde entonces, SmarterMail ha fijado fallos adicionales de seguridad calificados “críticos”, por lo que se recomienda que los administradores del sistema actualicen a los
más reciente
, actualmente 9526, liberado el 30 de enero.
organisation
SmarterMail Fixes Critical Unauthenticated
SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score.
organisation
CVSS 9.3 Score
SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score.
organisation
CVE.org
"SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API method," according to a
description of the flaw
in CVE.org.
organisation
UNC
"On Windows systems, this allows UNC [Universal Naming Convention] paths to be resolved, causing the SmarterMail service to initiate outbound SMB authentication attempts to attacker-controlled hosts.
organisation
Universal Naming Convention
"On Windows systems, this allows UNC [Universal Naming Convention] paths to be resolved, causing the SmarterMail service to initiate outbound SMB authentication attempts to attacker-controlled hosts.
organisation
SMB
"On Windows systems, this allows UNC [Universal Naming Convention] paths to be resolved, causing the SmarterMail service to initiate outbound SMB authentication attempts to attacker-controlled hosts.
organisation
CVSS
The vulnerability, tracked as
CVE-2026-24423
, carries a CVSS score of 9.3 out of 10.0.
organisation
básica de groupware.
El producto proporciona servicios de correo SMTP/IMAP/POP junto con webmail, calendarios, contactos y funcionalidad básica de groupware.
organisation
medianas empresas
Es comúnmente implementado por proveedores de servicios gestionados (MSPs), pequeñas y medianas empresas, y compañías de hosting que ofrecen servicios de correo electrónico.
organisation
SmarterTools
La vulnerabilidad fue descubierta y revelada responsablemente a SmarterTools por investigadores de seguridad en watchTowr, CODE WHITE y VulnCheck cibersecurity companies.
organisation
BOD
bajo la orientación BOD 22-01 para aplicar las actualizaciones de seguridad y las atenuaciones aumentadas por proveedores o dejar de utilizar el producto antes del 26 de febrero de 2026.
organisation
las actualizaciones de seguridad
bajo la orientación BOD 22-01 para aplicar las actualizaciones de seguridad y las atenuaciones aumentadas por proveedores o dejar de utilizar el producto antes del 26 de febrero de 2026.
organisation
dejar de utilizar el producto
bajo la orientación BOD 22-01 para aplicar las actualizaciones de seguridad y las atenuaciones aumentadas por proveedores o dejar de utilizar el producto antes del 26 de febrero de 2026.
organisation
El defecto
El defecto, que no tiene número de identificación, permite restablecer la contraseña del administrador sin ninguna verificación y ha sido
explotados por hackers
poco después de que el vendedor libere un parche.
organisation
los registros de sistemas
Los investigadores basan esto en consejos anónimos, llamadas específicas en los registros de sistemas comprometidos, y puntos finales que coinciden exactamente con el camino de código vulnerable.
organisation
el camino de código
Los investigadores basan esto en consejos anónimos, llamadas específicas en los registros de sistemas comprometidos, y puntos finales que coinciden exactamente con el camino de código vulnerable.
organisation
aprenda
En esta nueva guía de Tines, aprenda cómo su equipo puede reducir los retrasos manuales ocultos, mejorar la confiabilidad mediante la respuesta automatizada y construir y escalar flujos de trabajo inteligentes en la parte superior de las herramientas que ya utiliza.
organisation
la respuesta automatizada
En esta nueva guía de Tines, aprenda cómo su equipo puede reducir los retrasos manuales ocultos, mejorar la confiabilidad mediante la respuesta automatizada y construir y escalar flujos de trabajo inteligentes en la parte superior de las herramientas que ya utiliza.
infrastructure
9.3
The same build also patches another critical flaw (
CVE-2026-23760
, CVSS score: 9.3) that has since come under active exploitation in the wild.
organisation
NTLM
In addition, SmarterTools has shipped fixes to plug a medium-severity security vulnerability (CVE-2026-25067, CVSS score: 6.9) that could allow an attacker to facilitate NTLM relay attacks and unauthorized network authentication.
organisation
VulnCheck
"
watchTowr researchers Sina Kheirkhah and Piotr Bazydlo,
CODE WHITE GmbH's Markus Wulftange
, and
VulnCheck's Cale Black
have been credited with discovering and reporting the vulnerability.
organisation
Cale Black
"
watchTowr researchers Sina Kheirkhah and Piotr Bazydlo,
CODE WHITE GmbH's Markus Wulftange
, and
VulnCheck's Cale Black
have been credited with discovering and reporting the vulnerability.
Tactical Metrics
Metrics
infrastructure
Smartermail
Affected Product
Click for context!
CISA warns of SmarterMail RCE flaw used in ransomware attacks.
La Agencia de Seguridad de la Ciberseguridad e Infraestructura de los Estados Unidos (CISA) está advirtiendo que los agentes ransomware están explotando CVE-2026-24423, una vulnerabilidad crítica en SmarterMail que permite la ejecución de código remoto sin autenticación.
SmarterMail es un servidor de correo electrónico basado en Windows y una plataforma de colaboración de SmarterTools.
La falla CVE-2026-24423 afecta las versiones SmarterTools SmarterMail antes de construir 9511, y la explotación exitosa puede llevar a la ejecución remota de códigos (RCE) a través de la API ConnectToHub.
El vendedor arregló la falla el 15 de enero en SmarterMail Build 9511.
“SmarterTools SmarterMail contiene una autentificación perdida para una vulnerabilidad de función crítica en el método ConnectToHub API”, el
agencia gubernamental
adviertes
.
“Esto podría permitir que el atacante señale la instancia SmarterMail a un servidor HTTP malicioso que sirve el comando OS malicioso y podría llevar a la ejecución de comandos.”
CISA ha dado a organismos federales y entidades con obligaciones
Desde entonces, SmarterMail ha fijado fallos adicionales de seguridad calificados “críticos”, por lo que se recomienda que los administradores del sistema actualicen a los
más reciente
, actualmente 9526, liberado el 30 de enero.
Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server.
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance.
"
Users of SmarterMail are advised to upgrade to the latest version (
Build 9526
) with immediate effect for optimal protection, and isolate mail servers to block lateral movement attempts used to deploy ransomware.
"Prior to the breach, we had approximately 30 servers/VMs with SmarterMail installed throughout our network," Curtis
explained
.
"
It's currently not clear which SmarterMail vulnerability was weaponized by attackers, but it's worth noting that multiple flaws in the email software –
CVE-2025-52691
(CVSS score: 10.0),
CVE-2026-23760
, and
CVE-2026-24423
(CVSS scores: 9.3) – have come under active exploitation in the wild.
CVE-2026-23760 is an authentication bypass flaw that could allow any user to reset the SmarterMail system administrator password by sending a specially crafted HTTP request.
SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score.
Ravie Lakshmanan
Jan 30, 2026
Vulnerability / Email Security
SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary code execution.
"SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API method," according to a
description of the flaw
in CVE.org.
"The attacker could point the SmarterMail to the malicious HTTP server, which serves the malicious OS [operating system] command.
"On Windows systems, this allows UNC [Universal Naming Convention] paths to be resolved, causing the SmarterMail service to initiate outbound SMB authentication attempts to attacker-controlled hosts.
With two vulnerabilities in SmarterMail coming under active exploitation over the past week, it's essential that users update to the latest version as soon as possible.
Metrics
infrastructure
Windows
Affected Product
SmarterMail es un servidor de correo electrónico basado en Windows y una plataforma de colaboración de SmarterTools.
About 12 Windows servers on the company's office network, as well as a secondary data center used for quality control (QC) tests, are confirmed to be affected.
"On Windows systems, this allows UNC [Universal Naming Convention] paths to be resolved, causing the SmarterMail service to initiate outbound SMB authentication attempts to attacker-controlled hosts.
Metrics
infrastructure
30
Servers
"Prior to the breach, we had approximately 30 servers/VMs with SmarterMail installed throughout our network," Curtis
explained
.
Metrics
infrastructure
12
Windows Servers
About 12 Windows servers on the company's office network, as well as a secondary data center used for quality control (QC) tests, are confirmed to be affected.
Metrics
infrastructure
10.0
Software Version
"
It's currently not clear which SmarterMail vulnerability was weaponized by attackers, but it's worth noting that multiple flaws in the email software –
CVE-2025-52691
(CVSS score: 10.0),
CVE-2026-23760
, and
CVE-2026-24423
(CVSS scores: 9.3) – have come under active exploitation in the wild.
Metrics
infrastructure
9.3
Software Version
"
It's currently not clear which SmarterMail vulnerability was weaponized by attackers, but it's worth noting that multiple flaws in the email software –
CVE-2025-52691
(CVSS score: 10.0),
CVE-2026-23760
, and
CVE-2026-24423
(CVSS scores: 9.3) – have come under active exploitation in the wild.
The same build also patches another critical flaw (
CVE-2026-23760
, CVSS score: 9.3) that has since come under active exploitation in the wild.
Intelligence Sources
The Hacker News
2026-01-30
BleepingComputer
2026-02-06
CISA warns of SmarterMail RCE flaw used in ransomware attacks
BleepingComputer
The Hacker News
2026-02-10
Unpublish from Social Media?
Are you sure you want to delete this podcast video from all synchronized social networks (YouTube, Facebook, Threads)?
Important:
Due to Meta API restrictions, Instagram Reels cannot be deleted automatically via API by third-party apps.
View Profile to Delete Manually
View Profile to Delete Manually
Tactical Intelligence
Report Intelligence Issue
Podcast Options
Generate
Incident Version History
CURRENT VERSION
Last Updated: 2026-04-27T06:51
Comprehensive Tactical Telemetry
Highly Correlated Entities
43x
organisation
Identified Entity
SmarterMail
entity
10x
timeline
Temporal Reference
WT-2026-0001
date
7x
attribution
Attributing Entity
SmarterMail RCE
authority
4x
vulnerability
Exploited CVE
CVE-2026-24423
cve
3x
tactic
Cyber Operation Type
Ransomware
tactic
2x
infrastructure
Affected Product
Smartermail
software
2x
infrastructure
Software Version
10.0
version
Contextual Telemetry
Context Block
14 METRICS
general metric
El
15
el
general metric
Enero
30
enero
target region
Target Country
Lao People's Democratic Republic
country
general metric
Febrero
26
febrero
general metric
De
2,026
de
general metric
Países
120
países
tactic
MITRE ATT&CK Technique
T1584.004 - Server
technique
general metric
Cve-2026
23,760
cve-2026
infrastructure
Servers
30
servers
infrastructure
Windows Servers
12
windows servers
general metric
Cvss Scores
9
cvss scores
general metric
Second Vulnerability
24,423
second vulnerability
vulnerability
CVSS Score
9
score
general metric
Score
7
score
Click on any entity below to view its context in the main text!
Selective Unpublish
Selecciona las redes de las que quieres eliminar esta publicación. El sistema intentará borrar el post real de la API y limpiará la base de datos para que puedas volver a lanzarlo.
By navigating this website, you accept the use of strictly necessary technical cookies for session security and basic platform functionality. We do not use tracking or advertising cookies.
Read our Privacy Policy.