cyber-espionage-vulnerability1.905 min read Russian Hackers Exploit Roundcube Flaws to Target European Organizations
Russian-linked hackers, identified as Winter Vivern, exploited cross-site scripting vulnerabilities in Roundcube webmail servers to target over 80 organizations primarily in Georgia, Poland, and Ukraine, with the goal of collecting intelligence on European political and military activities. The campaign, attributed to Threat Activity Group 70 (TAG-70), involved sophisticated attack methods, including social engineering techniques and the exploitation of Roundcube flaws to exfiltrate user credentials to a command-and-control server. The hackers have also targeted Iranian embassies in Russia and the Netherlands, as well as the Georgian Embassy in Sweden, indicating a broader geopolitical interest in assessing diplomatic activities and monitoring geopolitical aspirations.
1 year ago•Source: The Hacker News
