October 21, 2024 at 05:20PM Threat actors exploited CVE-2024-37383, a stored XSS vulnerability in Roundcube Webmail, targeting CIS government organizations. This medium-severity flaw allows malicious JavaScript execution via crafted emails to steal credentials. System administrators are urged to update to version 1.6.9, as earlier versions remain vulnerable to attacks. ### Meeting Takeaways 1. **Threat Overview**: … Read more
October 21, 2024 at 05:58AM An XSS vulnerability in Roundcube Webmail has been exploited for code execution in an attack against a governmental organization in a CIS country, as reported by SecurityWeek. **Meeting Notes Takeaways:** 1. **Vulnerability Identified**: There is an XSS (Cross-Site Scripting) vulnerability in Roundcube Webmail. 2. **Target of Exploitation**: This vulnerability has … Read more
October 20, 2024 at 04:48AM Unknown threat actors exploited a patched vulnerability in Roundcube webmail to execute phishing attacks aimed at stealing user credentials. Discovered by Positive Technologies, the attack involved sending a deceptive email containing JavaScript code, targeting specific government organizations. Roundcube has since resolved the issue, but the potential for significant damage remains. … Read more
August 7, 2024 at 10:57AM Security researchers disclosed security flaws in Roundcube webmail software that could allow attackers to execute malicious JavaScript, steal sensitive information, and gain persistent foothold in browsers. The three vulnerabilities have been addressed in Roundcube versions 1.6.8 and 1.5.8 released on August 4, 2024. Additionally, a local privilege escalation flaw in … Read more
February 19, 2024 at 12:45AM Belarus and Russia-linked threat actors, identified as Winter Vivern, conducted a cyber espionage campaign exploiting vulnerabilities in Roundcube webmail servers, targeting over 80 organizations in Georgia, Poland, and Ukraine. The campaign aimed to gather intelligence on European political and military activities, demonstrating high sophistication in attack methods. TAG-70 also targeted … Read more
February 13, 2024 at 06:33AM CISA has included the CVE-2023-43770 Roundcube flaw in its exploited vulnerabilities catalog, raising concern over potential exploitation. This warning was conveyed in a post on SecurityWeek. As an executive assistant with expertise in generating clear takeaways from meeting notes, I would translate the information as follows: “In a recent update, … Read more
February 12, 2024 at 11:57PM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a medium-severity security flaw affecting Roundcube email software to its known exploited vulnerabilities catalog. Tracked as CVE-2023-43770, the cross-site scripting (XSS) flaw in Roundcube Webmail allows for information disclosure via malicious link references. Agencies are mandated to apply fixes by … Read more
February 12, 2024 at 02:03PM CISA warns of active exploitation of Roundcube email server vulnerability (CVE-2023-43770), impacting versions newer than 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3. The security flaw leads to persistent cross-site scripting attacks. CISA has added it to the Known Exploited Vulnerabilities Catalog, urging immediate patching by federal agencies and private … Read more
October 25, 2023 at 12:50PM The Winter Vivern cyber spy group has targeted European governments by exploiting an XSS zero-day vulnerability in the Roundcube webmail client. The group, linked to Russia and Belarus, used a convincing phishing email to launch a malicious payload, allowing them to access victims’ Roundcube accounts. Researchers warn that the group’s … Read more
October 25, 2023 at 09:45AM The Winter Vivern threat actor has been using a zero-day vulnerability in Roundcube webmail software to access victim’s email accounts. Winter Vivern has previously targeted Ukraine, Poland, and government entities in Europe and India. The newly discovered vulnerability, CVE-2023-5631, allows for the injection of arbitrary JavaScript code. Attackers employ a … Read more