Hackers exploit Roundcube webmail flaw to steal email, credentials
October 21, 2024 at 05:20PM Threat actors exploited CVE-2024-37383, a stored XSS vulnerability in Roundcube Webmail, targeting CIS government organizations. This medium-severity flaw allows malicious JavaScript execution via crafted emails to steal credentials. System administrators are urged to update to version 1.6.9, as earlier versions remain vulnerable to attacks. ### Meeting Takeaways 1. **Threat Overview**: … Read more