Zero-Day Exploits: European Governments and Russian Organizations Targeted in Roundcube Webmail Hacks
The Winter Vivern Russian hacking group has been exploiting a zero-day vulnerability in Roundcube Webmail to target European government entities and think tanks since October 11. The vulnerability allowed the group to remotely inject arbitrary JavaScript code into Roundcube email servers, enabling them to harvest and steal emails. The Roundcube development team released security updates to fix the vulnerability after it was reported by ESET researchers. Winter Vivern has previously targeted government organizations using known vulnerabilities in Roundcube and Zimbra email servers. The group's persistence and regular phishing campaigns pose a significant threat to European governments.