"Massive Cyber Espionage Campaign Targets European Governments with Webmail Zero-Day Exploit"

Pro-Russia hackers known as Winter Vivern have been exploiting a zero-day vulnerability in Roundcube, a widely used webmail application, to target governmental entities and a think tank in Europe. The vulnerability allowed the hackers to inject JavaScript into the Roundcube server application, triggering the server to send emails from selected targets to a server controlled by the threat actor. The attacks began on October 11 and were detected by security firm ESET, which promptly reported the vulnerability to Roundcube developers. Winter Vivern has previously targeted US government officials and has been active since at least 2020, primarily focusing on Europe and Central Asia. Users of Roundcube are advised to ensure they are running a patched version of the software.
- Pro-Russia hackers target inboxes with 0-day in webmail app used by millions (Ars Technica)
- Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software (The Hacker News)
- Espionage group uses webmail server zero-day to target European governments (The Record from Recorded Future News)
- European govt email servers hacked using Roundcube zero-day (BleepingComputer)
- Winter Vivern APT Blasts Webmail Zero-Day Bug With One-Click Exploit (DARKReading)