Gmail is finally raising file attachment size limits (but probably not for you)

Gmail has placed a 25MB limit on file attachment sizes, instead using Drive links for larger files. While that’s not changing ...
Security Boulevard

Purchase order attachment isn’t a PDF. It’s phishing for your password

An attachment named New PO 500PCS.pdf.hTM, posing as a purchase order in PDF form, turned out to be something entirely different: a credential-harvesting web page that quietly sent passwords and ...

Gmail increases attachment limit to 50 MByte – for Enterprise customers

Google Workspace Enterprise Plus now includes sending attachments up to 50 MByte. However, the new limit must be enabled by administrators.

OAuth phishers make ‘check where the link points’ advice ineffective

Microsoft has identified a phishing campaign using malformed links to legitimate OAuth services to redirect to malware ...

My Gmail storage was almost full, so I cleaned it up instead of upgrading to Google One

I freed up space without deleting important emails ...
Windows Report

Outlook to Add One-Step Folder Access and Easier File Sending

Microsoft plans to add one-step folder sharing and easier file sharing to Outlook, simplifying permissions and collaboration.

Third-Party Patching and the Business Footprint We All Share

Everyday tools like PDF readers, email clients, and archive utilities quietly define the real attack surface. Action1 explains how third-party software drift increases exploit risk and why consistent ...

Former UT professor in Epstein Files: How AI projects are linked to convicted sex offender Jeffrey Epstein

The release of the Epstein Files has revealed links between former UT professor Itamar Arel and disgraced financier Jeffrey Epstein.
The Hacker News

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

APT28 exploited CVE-2026-21513, an MSHTML zero-day (CVSS 8.8), using malicious LNK files to bypass security controls and execute code.

Oregon ethics commission to dismiss cases against 2 Washington County commissioners, issue letters of education to 2 others

The state ethics commission plans to issue letters of education to two Washington County commissioners and dismiss cases related to two other commissioners after investigating whether the four ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.