Attackers With Decompilers Strike Again (SmarterTools SmarterMail WT-2026-0001 Auth Bypass)

labs.watchtowr.com

Attackers With Decompilers Strike Again (SmarterTools SmarterMail WT-2026-0001 Auth Bypass)

labs.watchtowr.com

digicat@infosec.pubM to

blueteamsec@infosec.pubEnglish · 5 days ago

Well, well, well - look what we’re back with. You may recall that merely two weeks ago, we analyzed CVE-2025-52691 - a pre-auth RCE vulnerability in the SmarterTools SmarterMail email solution with a timeline that is typically reserved for KEV hall-of-famers. The plot of that story had everything; * A

You must log in or # to comment.

Chat

blueteamsec@infosec.pub

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !blueteamsec@infosec.pub

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

1 user / day
67 users / week
276 users / month
321 users / 6 months
1 local subscriber
599 subscribers
468 Posts
31 Comments
Modlog

mods:
digicat@infosec.pub