Bleeping Computer

CISA: Roundcube email server bug now exploited in attacks

CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks. The security flaw (CVE-2023-43770) is a persistent ...
Bleeping Computer

European govt email servers hacked using Roundcube zero-day

The Winter Vivern Russian hacking group has been exploiting a Roundcube Webmail zero-day in attacks targeting European government entities and think tanks since at least October 11. The Roundcube ...
SiliconANGLE

A new and dangerous malware infects Roundcube webmail

A malware group has been busy creating a dangerous new vulnerability in the Roundcube webmail service, which is popular in European government circles. What makes this issue so important is that is a ...
Dark Reading

PoC Code Escalates Roundcube Vuln Threat

The threat associated with a critical decade-old remote code execution vulnerability in Roundcube webmail has increased sharply in recent days, with proof-of-concept (PoC) code for the bug becoming ...
techtimes

Winter Vivern Russian Hacking Group Exploits Zero-Day in Roundcube Webmail Software

According to ESET Research, Winter Vivern is a Russian hacking group that has been operating since 2020. The notorious cybercriminals reportedly target governments across Central Asia and Europe. The ...