Signal

Critical FreeScout vulnerability enables zero-click attacks

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-03-04 09:16 UTCUpdated 2026-03-04 21:51 UTC

rss

securitybleepingcomputer_securityweek

Source links open

Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.

Back Evidence (2)Get the free brief by email Start free trial

No card needed for the free brief.

Evidence trail (top sources)

top sources (2 domains)

2 top sources shown

Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers

bleepingcomputer_all · News · bleepingcomputer.com · 2026-03-04 21:51 UTC

Critical FreeScout Vulnerability Leads to Full Server Compromise

SecurityWeek · News · securityweek.com · 2026-03-04 09:16 UTC

limited source diversity in top sources

View all evidence

Overview

Recent reports highlight a critical vulnerability in the FreeScout helpdesk platform that allows hackers to execute remote code without any user interaction. This zero-click attack, known as Mail2Shell, poses a significant risk as it can lead to full server compromise. Security experts are urging users to apply patches immediately to mitigate potential threats.

Score total

0.99

Momentum 24h

Posts

Origins

Source types

Duplicate ratio

Why now

The vulnerability has been identified and reported recently, making it urgent for users to act.
Cybersecurity experts are raising alarms about the potential for mass exploitation.
Timely patching can prevent significant damage and data loss.

Why it matters

The vulnerability allows hackers to take control of servers without any user interaction.
Immediate action is required to protect sensitive data and maintain server integrity.
Failure to patch could lead to widespread exploitation and data breaches.

LLM analysis

Topic mix: lowPromo risk: lowSource quality: high

Recurring claims

A maximum severity vulnerability in FreeScout allows remote code execution without user interaction.
The flaw leads to zero-click remote code execution attacks, resulting in full server compromise.

How sources frame it

BleepingComputer: neutral
SecurityWeek: neutral

All evidence

Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers

bleepingcomputer_all · bleepingcomputer.com · 2026-03-04 21:51 UTC

Critical FreeScout Vulnerability Leads to Full Server Compromise

SecurityWeek · securityweek.com · 2026-03-04 09:16 UTC

Show filters & breakdown

Posts loaded: 0Publishers: 2Origin domains: 2Duplicates: -

Platform

Publisher

Origin domain

Relevance tier

Duplicates only

Showing 2 / 0

Top publishers (this list)

bleepingcomputer_all (1)
SecurityWeek (1)

Top origin domains (this list)

bleepingcomputer.com (1)
securityweek.com (1)