Tag: roundcube
14 articles

Hackers Exploit Roundcube Flaw to Target Academic Researchers
A new wave of cyber attacks linked to China is targeting academic researchers in the US and Canada, specifically those in physics, engineering, and national security-related fields, by exploiting a vulnerability in Roundcube webmail servers. The campaign, tracked as 'UNK_MassTraction', has been ongoing since May and has already hit several universities.

China-Aligned Hackers Exploit Roundcube Servers at US, Canada Universities
China-aligned hackers are targeting universities in the US and Canada, exploiting vulnerable Roundcube webmail servers to gain access to sensitive physics and engineering departments with potential national security links. This latest campaign highlights the ongoing threat of email-based attacks and the need for robust server security.

China-Aligned Hackers Exploit Roundcube Flaws to Infiltrate Universities
China-aligned hackers have launched a sneaky attack on universities, exploiting two flaws in the popular Roundcube webmail client to steal credentials and gain persistent access. At least a few dozen universities are believed to be affected, with Proofpoint researchers confirming fewer than 10 intrusions so far.

China-Aligned Hackers Exploit Roundcube Flaws at Universities
China-aligned hackers are exploiting vulnerabilities in Roundcube email servers to gain access to sensitive university networks, specifically targeting physics and engineering departments with national security ties. They've cleverly designed their attacks to fly under the radar, using tactics like compromised senders and spoofed domains to reach their targets.

CISA Adds Two Roundcube Flaws to KEV: Exclusive Critical
CISA has added two Roundcube vulnerabilities to its KEV list — including a critical 9.9-rated RCE (CVE-2025-49113) — meaning active exploitation is underway. If you run Roundcube, patch now to protect email stores, contacts, and stop attackers from hijacking accounts.

Hacker steals 1 million Cock.li user records in webmail data breach
One million Cock.li user records have been stolen in a major webmail breach. Learn how the hack exposed sensitive data and raised cybersecurity concerns.

Breach Roundup: Critical RCE Flaw in Roundcube Servers
Breach Roundup: Uncover the critical RCE flaw in Roundcube servers exposing vulnerabilities—immediate action needed to secure your system.

CISA Expands Catalog of Known Exploited Vulnerabilities with Erlang SSH and Roundcube Issues
CISA broadens its exploited vulnerabilities catalog by adding Erlang SSH and Roundcube issues, alerting organizations to emerging cyber risks.

Over 84,000 Roundcube instances vulnerable to actively exploited flaw
Over 84,000 Roundcube instances are vulnerable due to an actively exploited flaw. Immediate updates are crucial to secure your email system.

Hacker selling critical Roundcube webmail exploit as tech info disclosed
Hacker sells a critical Roundcube webmail exploit as disclosed tech info sparks cybersecurity alarms and prompts urgent vulnerability reviews.

Legacy Roundcube Vulnerability Lets Authenticated Users Execute Malicious Code
Legacy Roundcube vulnerability lets authenticated users execute malicious code. Update immediately to secure your systems.

Cybersecurity Alert: LummaC2 Malware Exploited to Steal Sensitive Organizational Data
Urgent cybersecurity alert: LummaC2 malware exploited to steal sensitive organizational data. Strengthen defenses and safeguard your network.

Russian GRU Cyber Operatives Target Western Tech Firms and Logistics Networks
Russian GRU cyber operatives target Western tech firms and logistics networks with sophisticated cyber attacks that jeopardize global supply chains.

Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers
APT28, a Russia-linked group, exploited an MDaemon Zero-Day flaw to compromise government webmail servers, spotlighting critical cybersecurity vulnerabilities.