"Roundcube 0-Day Used To Steal European Government Emails"
"Roundcube 0-Day Used To Steal European Government Emails"
The cyber espionage group Winter Vivern exploited a now-patched zero-day vulnerability in the open-source webmail service Roundcube to steal emails from European government entities and think tanks. It is believed that the Russia- and Belarus-aligned Winter Vivern, also known as TA473, has been active since 2020. The group has a history of spying on European and Central Asian governments. Winter Vivern has exploited vulnerabilities in the Zimbra and Roundcube email servers. Researchers from ESET observed the group using a cross-site scripting (XSS) vulnerability in its most recent attacks.