DNS MX Record Modification and Unauthorised Email Redirection
No customer data or Advanced Installer source code was accessed or exfiltrated. Our cloud infrastructure was not compromised. Email routing has been fully restored and additional security controls have been implemented.
On April 22nd, Caphyon SRL identified that an unauthorised party had modified a DNS Mail Exchange (MX) record associated with our domain, caphyon.com. As a result, a limited number of emails were redirected to an external destination between April 22, 2026, 09:02 (UTC+03:00) and April 22, 2026, 15:12 (UTC+03:00).
No unauthorized access was detected for product-specific domains or email addresses. Our support inbox, support@advancedinstaller.com or any other @advancedinstaller.com address that you used in previous communications were not affected during this incident.
During the same period, the attacker attempted to gain unauthorised access to our cloud infrastructure using the redirected emails - those attempts were unsuccessful and no systems were breached.
If you sent us any sensitive information via email (to any @caphyon.com inbox) between April 22, 2026, 09:02 (UTC+03:00) and April 22, 2026, 15:12 (UTC+03:00), we recommend treating that message as potentially seen by an unauthorized third party and contact us directly at support@advancedinstaller.com so we can assist you.
This advisory is published in the interest of full transparency and will be updated accordingly. We believe open disclosure is essential to maintaining the trust of our clients, partners, and the broader community.
If you have any questions, please do not hesitate to reach out to us at support@advancedinstaller.com.
Subscribe to Our Newsletter
Sign up for free and be the first to receive the latest news, videos, exclusive How-Tos, and guides from Advanced Installer.