SecurityWeek

Recent RoundCube Webmail Vulnerability Exploited in Attacks

The US cybersecurity agency CISA on Friday warned of two RoundCube Webmail vulnerabilities being exploited in the wild. Prevalent within government and enterprise networks, RoundCube Webmail is a ...
Bleeping Computer

Hacker steals 1 million Cock.li user records in webmail data breach

Email hosting provider Cock.li has confirmed it suffered a data breach after threat actors exploited flaws in its now-retired Roundcube webmail platform to steal over a million user records. The ...
Dark Reading

Winter Vivern APT Blasts Webmail Zero-Day Bug With One-Click Exploit

Low-profile threat group Winter Vivern has been exploiting a zero-day flaw in Roundcube Webmail servers with a malicious email campaign targeting governmental organizations and a think tank in Europe ...
Hackaday

This Week In Security: Roundcube, Unified Threat Naming, And AI Chat Logs

Up first, if you’re running a Roundcube install prior to 1.5.10 or 1.6.11, it’s time to update. We have an authenticated Remote Code Execution (RCE) in the Roundcube Webmail client. And while that’s ...