Daily DMARC News
  • Home
  • Posts
  • Excello Mail ↗
  • EN
  • ES
  • PT

All Posts

Every post we’ve published — newest first.

News on this site is aggregated and summarized automatically from public industry sources. Occasional inaccuracies are possible and always unintentional — if you spot one, we’ll gladly correct or remove it. Report an issue.

  • July 3, 2026 5 min read

    81 Million Login Attempts, 78 Compromised Accounts: The Azure CLI Attack That Slipped Past MFA

    Between June 12 and June 26, an automated attacker made more than 81 million login attempts against Microsoft 365 accounts monitored by the security firm Huntress. The traffic came from IPv6 address space registered to …

  • July 2, 2026 4 min read

    The FBI's 2025 Crime Report: Phishing Volume Barely Moved. Losses Grew 208% Anyway.

    The FBI’s Internet Crime Complaint Center (IC3) released its 2025 Internet Crime Report in April, marking 25 years of tracking reported cybercrime in the United States. The topline number is stark on its own: …

  • July 1, 2026 5 min read

    Authentication Laundering: How Hijacked Calendly Accounts Passed SPF, DKIM, and DMARC to Hit Hotels

    On June 25, 2026, Microsoft’s threat intelligence team published details of a phishing campaign that has been running against hotels across Europe and Asia since April. The lure is ordinary: a ZIP file named …

  • June 29, 2026 7 min read

    The NIS2 Audit Deadline Is Tomorrow. Here Is What Your Auditor Will Check About Your Email.

    Tomorrow, June 30, 2026, Essential Entities across the European Union face the first formal compliance audit under the Network and Information Security Directive 2. If your organization operates in energy, transport, …

  • June 28, 2026 6 min read

    CVE-2025-59419: When Your Email Infrastructure Becomes the Forger

    DMARC has earned its place as the cornerstone of domain-level email authentication. Set your policy to p=reject, align your SPF and DKIM records correctly, and the vast majority of external spoofing attempts that abuse …

  • June 27, 2026 7 min read

    CVE-2026-4020: The WordPress Email Plugin That Gives Attackers Your DMARC Authorization

    A vulnerability disclosed in June 2026 in the Gravity SMTP WordPress plugin illustrates a category of email security failure that DMARC was never designed to address. CVE-2026-4020 is an unauthenticated information …

  • June 26, 2026 6 min read

    Google's June 2026 Fraud Advisory: AI Scams Grew 1,210% and Email Authentication Is Still the Foundation

    Google published its June 2026 fraud and scams advisory this month, drawing on data from the NASDAQ Global Financial Crime Report and its own threat intelligence teams. The headline numbers are significant: global fraud …

  • June 24, 2026 7 min read

    CodeStorm: When Phishing Passes DMARC Because the Account Is Real

    A phishing campaign documented by security researchers in June 2026 has drawn attention not because it breaks email authentication, but because it does not need to. The CodeStorm phishing kit – a commercial-grade …

  • June 23, 2026 6 min read

    You Have a DMARC Record. Without Aggregate Reports, You Cannot See Who Is Spoofing You.

    The EasyDMARC 2026 DMARC Adoption Report, drawn from an analysis of the top 1.8 million global domains, contains a finding that deserves more attention than it has received: more than 70 percent of DMARC-enabled domains …

  • June 22, 2026 7 min read

    DMARC Passes, Attack Succeeds -- Barracuda's Red Team Exposes the 5-Minute AI Email Compromise

    On June 17, 2026, the Barracuda Networks security red team published a simulation that traced an AI-powered email attack from the first phishing message to full endpoint compromise and persistent attacker access. The …

  • June 21, 2026 7 min read

    All Three Inbox Giants Now Enforce One-Click Unsubscribe -- and the Deliverability Penalty for Getting It Wrong Is a 3x to 7x Inbox Hit

    In February 2024, Google and Yahoo told bulk senders that one-click unsubscribe was no longer optional. Most senders treated it as a Google-and-Yahoo problem and updated their templates accordingly – or believed …

  • June 20, 2026 6 min read

    SVG Phishing Files Are Now the Third Most Common Malicious Email Attachment -- and DMARC Cannot Filter Them

    On June 2, 2026, SANS Internet Storm Center handler Xavier Mertens published an analysis of a phishing wave that had been landing in his inbox for several consecutive days. The attachment on each message was an SVG file …

  • ««
  • «
  • 1
  • 2
  • 3
  • 4
  • 5
  • »
  • »»
Daily DMARC News

Daily news, analysis, and guidance on DMARC and email security.

Explore

  • Home
  • All posts
  • RSS feed

From the team

  • Excello Mail ↗
  • About
  • Contact
© 2026 Daily DMARC News. All rights reserved. From the team at Excello Mail.