Hackers Exploit Zimbra and Roundcube Email Servers

A new spear-phishing campaign that uses exploited Zimbra and Roundcube email servers to target government organizations.
An alarming spear-phishing campaign has been uncovered, specifically aimed at government organizations. This attack preys on the vulnerabilities of Zimbra and Roundcube email servers. It is crucial that immediate action is taken to secure these servers and prevent any further breaches. Investigations by EclecticIQ revealed that the initial campaigns

Winter Vivern exploited Roundcube email server vulnerability, Intrix Cyber Security posted on the topic

shelLM - A New AI-Based Honeypot to Engage Attackers as a Real System

Spearphishing Campaign Targets Zimbra Webmail Portals of Government Organizations

Zero-Day Vulnerability Exploited to Hack Over 1,000 Zimbra Email Servers - SecurityWeek

Iranian Threat Group Hits Thousands With Password Spray Campaign

MicroNet Systems Integrations

Zimbra Collaboration Suite Archives - Security Affairs

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers

APT28 hacked Roundcube email servers of Ukrainian entities

Winter Vivern hackers exploit Zimbra flaw to steal NATO emails

Winter Vivern exploits zero-day vulnerability in RoundcubeWebmail servers – ESET Ireland

Zimbra 0-day Exploited by Multiple Threat Groups to Target Government Organizations - Cyber Kendra