Critical SmarterMail Vulnerability CVE-2025-52691 Enables Remote Code Execution
Wednesday, December 31, 2025
Top 5 Cybersecurity Stories You Should Know
Critical SmarterMail Vulnerability CVE-2025-52691 Enables Remote Code Execution — tl;dr: The Cyber Security Agency of Singapore (CSA) has issued a warning about a critical security vulnerability in SmarterTools SmarterMail email software, tracked as CVE-2025-52691, which has a CVSS score of 10.0. This flaw allows unauthenticated attackers to upload arbitrary files, potentially leading to remote code execution. Affected versions include Build 9406 and earlier, with a fix available in Build 9413, released on October 9, 2025. Users are strongly advised to update to the latest version (Build 9483) to mitigate risks associated with this vulnerability.
↪ https://thehackernews.com/2025/12/csa-issues-alert-on-critical.html
Ransomware Tactics Evolve: Quadruple Extortion and AI Integration — tl;dr: Ransomware attacks are on the rise, with a 20% increase in incidents reported in 2024. New tactics like quadruple extortion, which includes DDoS attacks and harassment of third parties, are amplifying pressure on victims. Despite a drop in ransom payments, with only 23% of victims paying, organizations face significant operational disruptions, with 58% forced to shut down post-attack. AI is increasingly being utilized by ransomware groups, making attacks more sophisticated. Companies are advised to enhance their security measures and negotiation strategies to mitigate risks and minimize impacts from these evolving threats.
↪ https://www.helpnetsecurity.com/2025/12/31/ransomware-tactics-expanding/
2025 Ransomware Incidents: Key Lessons and Security Gaps Identified — tl;dr: In 2025, ransomware attacks severely disrupted various sectors, including manufacturing, healthcare, and local government, with incidents like the Jaguar Land Rover breach causing over $2.5 billion in damages. Common vulnerabilities included weak access controls, reliance on outdated backups, and inadequate internal network security. Attackers exploited human error and targeted privileged accounts, often leading to data theft and extortion. Organizations are advised to strengthen identity and access management, enhance backup protocols, and adopt zero-trust models to mitigate risks and improve resilience against future ransomware threats.
↪ https://securityboulevard.com/2025/12/lessons-learned-from-top-10-ransomware-incidents-in-2025/
Ransomware Attack Update: TheGentlemen and Rhysida Target Multiple Organizations — tl;dr: On December 30, 2025, multiple ransomware groups, including TheGentlemen and Rhysida, launched attacks against various organizations across six countries. Notable victims include Stewart Engenharia in Brazil, BioNet-Asia in Thailand, and Falk, Waas, Hernandez, Cortina, Solomon & Bonner in the U.S. The attacks occurred within a 24-hour window, highlighting the ongoing threat of ransomware. Organizations are advised to enhance their cybersecurity measures, including regular backups and employee training on phishing attacks, to mitigate potential risks and prepare for future incidents.
↪ https://darkwebinformer.com/ransomware-attack-update-for-the-30th-of-december-2025/
Multiple Data Breaches Reported in December 2025 Affecting Various Industries — tl;dr: In December 2025, numerous organizations experienced significant data breaches, with attackers including groups like LockBit, DragonForce, and SafePay targeting a range of sectors from healthcare to education. Notable victims include APC Home Health Service, C&R Electric, and Inha University, among others. The breaches were discovered on December 30, 2025, with many incidents involving compromised credentials and ransomware attacks. Affected organizations should urgently assess their security measures, notify impacted individuals, and consider implementing stronger cybersecurity protocols to mitigate future risks.
↪ https://www.breachsense.com/breaches/2025/december/