A prompt injection attack on Superhuman AI exposed sensitive emails, highlighting a security vulnerability in third-party integrations.
A prompt injection attack on Superhuman AI exposed sensitive emails, highlighting a critical security vulnerability in AI email assistants.
A detailed account of a sophisticated email scam involving hidden forwarding and reply-to settings, with advice for thorough account security checks.
A technical guide for SMBs on implementing DMARC, SPF, DKIM, and related email security protocols, with platform recommendations.
How to use a custom domain and catch-all email aliases to reduce spam and increase privacy by creating unique addresses for each service.
A guide to securing a personal digital life by migrating to a custom domain email, using a password manager, and implementing YubiKey 2FA.
Analyzes the limitations of the classic sendmail MTA in modern multi-user systems and proposes a more secure, user-configurable replacement.
A developer investigates a suspicious Cloudflare email, uncovering a potential account takeover vulnerability using persistent API credentials.
Analysis of spam registrations on Sourcehut, showing Gmail as the largest source and discussing email provider responsibility.
A blog post discussing email security, privacy, and SMTP features, based on a university talk given by the author.
Author discusses increasing false positives in Gmail's spam filter, causing legitimate emails like security alerts to be missed, and expresses frustration with Google.
Analyzes a famous 2016 phishing attack to argue that modern security hinges on human error, not just technical defenses.
A detailed analysis of a convincing PayPal phishing email, including how to spot the fakes and the discovery of a compromised website.
