Global Government Data Breach: Zimbra Zero-Day Exploited by Multiple Hacker Groups
Four hacker groups have exploited a zero-day flaw in the Zimbra Collaboration email software, allowing them to steal email data, user credentials, and authentication tokens. The vulnerability, tracked as CVE-2023-37580, is a reflected cross-site scripting (XSS) flaw that was addressed by Zimbra in July 2023. The attacks occurred even after the initial fix was made public on GitHub, highlighting the importance of promptly applying patches to mail servers. The campaigns targeted government organizations in Greece, Moldova, Tunisia, and Vietnam, demonstrating the need for thorough auditing of mail server applications.