Hackers breach SmarterTools network using flaw in its own software

SmarterTools confirmed a breach by the Warlock ransomware gang, exploiting a flaw in their SmarterMail software. The attack compromised an employee-set-up virtual machine, leading to the breach of 12 Windows servers and a secondary data center, though customer data remained unaffected. The vulnerability, CVE-2026-23760, allows for authentication bypass and admin password reset, and is linked to a Chinese nation-state actor. The attackers used tools like Velociraptor and SimpleHelp for persistence and lateral movement.