#Zimbra

Critical Zimbra Vulnerability Exploited One Day After PoC Release

by

October 2, 2024 at 06:27AM A critical vulnerability in Zimbra was exploited in the wild to deploy a web shell on vulnerable servers shortly after a proof-of-concept release. This raised significant concerns regarding the security of Zimbra systems. Source: SecurityWeek. Based on the meeting notes, the key takeaway is that a critical-severity vulnerability in Zimbra … Read more

Google: Hackers exploited Zimbra zero-day in attacks on govt orgs

by

November 17, 2023 at 11:11AM Threat actors exploited a zero-day vulnerability in Zimbra Collaboration email server to steal sensitive data from government systems in multiple countries. The vulnerability, known as CVE-2023-37580, allowed the hackers to perform email forwarding, steal credentials, and lead victims to phishing pages. The attacks took place before Zimbra released an official … Read more