"Roundcube 0-Day Used To Steal European Government Emails"

The cyber espionage group Winter Vivern exploited a now-patched zero-day vulnerability in the open-source webmail service Roundcube to steal emails from European government entities and think tanks. It is believed that the Russia- and Belarus-aligned Winter Vivern, also known as TA473, has been active since 2020. The group has a history of spying on European and Central Asian governments. Winter Vivern has exploited vulnerabilities in the Zimbra and Roundcube email servers. Researchers from ESET observed the group using a cross-site scripting (XSS) vulnerability in its most recent attacks. This article continues to discuss the Winter Vivern threat group's exploitation of vulnerabilities in Zimbra and Roundcube email servers.

SC Media reports "Roundcube 0-Day Used To Steal European Government Emails"

Submitted by grigby1