Cybersecurity firm Radware discovered a vulnerability they call “ShadowLeak” where an attacker could exploit the vulnerability by simply sending an email to the user.