Zero-Day Exploits: European Governments and Russian Organizations Targeted in Roundcube Webmail Hacks
The Winter Vivern Russian hacking group has been exploiting a zero-day vulnerability in Roundcube Webmail to target European government entities and think tanks since October 11. The vulnerability allowed the group to remotely inject arbitrary JavaScript code into Roundcube email servers, enabling them to harvest and steal emails. The Roundcube development team released security updates to fix the vulnerability after it was reported by ESET researchers. Winter Vivern has previously targeted government organizations using known vulnerabilities in Roundcube and Zimbra email servers. The group's persistence and regular phishing campaigns pose a significant threat to European governments.
- European govt email servers hacked using Roundcube zero-day BleepingComputer
- Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software The Hacker News
- Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers We Live Security
- Hackers backdoor Russian state, industrial orgs for data theft BleepingComputer
- Espionage group uses webmail server zero-day to target European governments The Record from Recorded Future News
- View Full Coverage on Google News
Reading Insights
0
1
2 min
vs 3 min read
78%
432 → 96 words
Want the full story? Read the original article
Read on BleepingComputer