SANS Stormcast Tuesday Feb 25th: Unfurl Updates; Google Ditches SMS; Paypal Phish; Exim, libXML, Parallels Vuln (#)

SANS Stormcast Tuesday Feb 25th: Unfurl Updates; Google Ditches SMS; Paypal Phish; Exim, libXML, Parallels Vuln Unfurl Update Released Unfurl released an Update fixing a few bugs and adding support to decode BlueSky URLs. https://isc.sans.edu/diary/Unfurl%20v2025.02%20released/31716 Google Confirms GMail To Ditch SMS Code Authentication Google no longer considers SMS authentication save enough for GMail. Instead, it pushes users to use Passkeys, or QR code based app authentication https://www.forbes.com/sites/daveywinder/2025/02/23/google-confirms-gmail-to-ditch-sms-code-authentication/ Beware of Paypal New Address Feature Abuse Attackers are using "address change" e-mails to send links to phishing sites or trick users into calling fake tech support phone numbers. Attackers are just adding the malicious content as part of the address. The e-mail themselves are legitimate PayPal emails and will pass various spam and phishing filters. https://www.bleepingcomputer.com/news/security/beware-paypal-new-address-feature-abused-to-send-phishing-emails/ Exim SQL Injection Vulnerability Exim, with sqlite support and ETRN enabled, is vulnerable to a simple SQL injection exploit. A PoC has been released https://www.exim.org/static/doc/security/CVE-2025-26794.txt https://github.com/OscarBataille/CVE-2025-26794? XMLlib patches https://gitlab.gnome.org/GNOME/libxml2/-/issues/847 https://gitlab.gnome.org/GNOME/libxml2/-/issues/828 0-Day in Parallels https://jhftss.github.io/Parallels-0-day/ keywords: 0-day, parallels, exim; sql; injection; paypal; phishing; sms; google; qmail; unfurl