11 Jul, 2026

Hackers exploit Roundcube flaw to spy on academic researchers

A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal credentials and deploy backdoor malware. The campaign has been observed since May and focuses on physics and engineering departments, administrators and professors, as well as organizations involved in astrophysics, particle physics, or national security-related research. Researchers at cybersecurity company […]

2 mins read

Microsoft patches Exchange Server zero-day exploited in attacks

Microsoft has patched an actively exploited Exchange Server vulnerability that allows threat actors to execute arbitrary JavaScript code in cross-site scripting (XSS) attacks targeting Outlook Web Access users. This high-severity spoofing vulnerability (CVE-2026-42897) affects Exchange Server 2016, Exchange Server 2019, and Exchange Server Subscription Edition (SE) software and can be exploited by remote attackers with […]

2 mins read

Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks

Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw, according to nonprofit security organization Shadowserver. Zimbra is a popular email and collaboration software suite used by hundreds of millions of people worldwide, including hundreds of government agencies and thousands of businesses. The vulnerability (tracked as CVE-2025-48700) […]

2 mins read

Russian hackers exploit Zimbra flaw in Ukrainian govt attacks

Hackers part of APT28, a state-backed threat group linked to Russia’s military intelligence service (GRU), are exploiting a Zimbra Collaboration Suite (ZCS) vulnerability in attacks targeting Ukrainian government entities. This high-severity security flaw (tracked as CVE-2025-66376 and patched in early November) stems from a stored cross-site scripting (XSS) that unauthenticated attackers can exploit to gain remote code execution (RCE) […]

2 mins read

CISA orders feds to patch Zimbra XSS flaw exploited in attacks

CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS). Zimbra is a very popular email and collaboration software suite used by hundreds of millions of people worldwide, including thousands of businesses and hundreds of government agencies. Tracked as CVE-2025-66376 and patched in early November, this high-severity security […]

2 mins read

StealC hackers hacked as researchers hijack malware control panels

A cross-site scripting (XSS) flaw in the web-based control panel used by operators of the StealC info-stealing malware allowed researchers to observe active sessions and gather intelligence on the attackers’ hardware. StealC emerged in early 2023 with aggressive promotion on dark web cybercrime channels. It grew in popularity due to its evasion and extensive data theft capabilities. […]

3 mins read

Hacktivists target critical infrastructure, hit decoy plant

A pro-Russian hacktivist group called TwoNet pivoted in less than a year from launching distributed denial-of-service (DDoS) attacks to targeting critical infrastructure. Recently, the threat actor claimed an attack on a water treatment facility that turned out to be a realistic honeypot system set up by threat researchers specifically to observe adversaries’ movements. The compromise […]

3 mins read

Ukraine arrests suspected admin of XSS Russian hacking forum

The suspected administrator of the Russian-speaking hacking forum XSS.is was arrested by the Ukrainian authorities yesterday at the request of the Paris public prosecutor’s office. XSS.is is a Russian-speaking cybercrime forum that has been active since 2013 and is widely regarded as one of the major online hubs for cybercriminal activity, with over 50,000 registered users. The platform […]

3 mins read