Roundcube

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383)

CVE, Don't miss, exploit, Hot stuff, News, Positive Technologies, Roundcube, vulnerability /

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383) 2024-10-22 at 12:34 By Zeljka Zorz Attackers have exploited an XSS vulnerability (CVE-2024-37383) in the Roundcube Webmail client to target a governmental organization of a CIS country, Positive Technologies (PT) analysts have discovered. The vulnerability was patched in May 2024, in Roundcube Webmail versions 1.5.7 and […]

React to this headline:

Loading spinner

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383) Read More »

Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008)

CVE, Don't miss, email security, Hot stuff, News, Roundcube, security update, SonarSource, vulnerability /

Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008) 2024-08-07 at 12:01 By Zeljka Zorz Two cross-site scripting vulnerabilities (CVE-2024-42009, CVE-2024-42008) affecting Roundcube could be exploited by attackers to steal users’ emails and contacts, email password, and send emails from their account. About the vulnerabilities Roundcube is an open-source webmail software solution popular with European

React to this headline:

Loading spinner

Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008) Read More »

Russian Cyberspies Exploit Roundcube Flaws Against European Governments

Government, Nation-State, Roundcube, Russia /

Russian Cyberspies Exploit Roundcube Flaws Against European Governments 2024-02-19 at 15:01 By Ionut Arghire Russian cyberespionage group targets European government, military, and critical infrastructure entities via Roundcube vulnerabilities. The post Russian Cyberspies Exploit Roundcube Flaws Against European Governments appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Russian Cyberspies Exploit Roundcube Flaws Against European Governments Read More »

CISA Warns of Roundcube Webmail Vulnerability Exploitation

CISA, CISA KEV, email security, exploited, Roundcube, Vulnerabilities /

CISA Warns of Roundcube Webmail Vulnerability Exploitation 2024-02-13 at 13:31 By Eduard Kovacs CISA has added the Roundcube flaw tracked as CVE-2023-43770 to its known exploited vulnerabilities catalog. The post CISA Warns of Roundcube Webmail Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

CISA Warns of Roundcube Webmail Vulnerability Exploitation Read More »

Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770)

CISA, Don't miss, Hot stuff, News, Roundcube, vulnerability /

Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770) 2024-02-13 at 11:46 By Zeljka Zorz CVE-2023-43770, a vulnerability in the Roundcube webmail software that has been fixed in September 2023, is being exploited by attackers in the wild, CISA has warned by adding the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. About CVE-2023-43770 Roundcube is

React to this headline:

Loading spinner

Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770) Read More »

Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day

exploited, Malware & Threats, Roundcube, Russia, Zero-Day /

Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day 25/10/2023 at 19:17 By Ionut Arghire Russian APT Winter Vivern exploits a zero-day in the Roundcube webmail server in attacks targeting European governments. The post Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day Read More »

Roundcube webmail zero-day exploited to spy on government entities (CVE-2023-5631)

0-day, APT, Don't miss, Europe, government-backed attacks, Hot stuff, News, open source, Roundcube /

Roundcube webmail zero-day exploited to spy on government entities (CVE-2023-5631) 25/10/2023 at 14:46 By Zeljka Zorz The Winter Vivern APT group has been exploiting a zero-day vulnerability (CVE-2023-5631) in Roundcube webmail servers to spy on email communications of European governmental entities and a think tank, according to ESET researchers. “Exploitation of the XSS vulnerability can

React to this headline:

Loading spinner

Roundcube webmail zero-day exploited to spy on government entities (CVE-2023-5631) Read More »

Scroll to Top