"Massive Cyber Espionage Campaign Targets European Governments with Webmail Zero-Day Exploit"
Pro-Russia hackers known as Winter Vivern have been exploiting a zero-day vulnerability in Roundcube, a widely used webmail software, to target governmental entities and a think tank in Europe. The vulnerability allowed the hackers to inject JavaScript into the Roundcube server application, triggering the server to send emails from selected targets to a server controlled by the threat actor. The attacks began on October 11 and were detected by security firm ESET, who promptly reported the vulnerability to Roundcube developers. Winter Vivern has previously targeted US government officials and has been active since at least 2020, primarily focusing on Europe and Central Asia. Users of Roundcube are advised to ensure they are running a patched version of the software.