A malware group has been busy creating a dangerous new vulnerability in the Roundcube webmail service, which is popular in European government circles. What makes this issue so important is that ...

ESET Research discover campaigns by the Winter Vivern APT group that exploit a zero-day XSS vulnerability in the Roundcube Webmail server and target governmental entities and a think tank in Europe.

By sending this email, attackers could inject arbitrary JavaScript code into the victim’s Roundcube session, ultimately enabling them to access and exfiltrate email messages. ESET warned that Winter ...

The Winter Vivern Russian hacking group has been exploiting a Roundcube Webmail zero-day since at least October 11 to attack European government entities and think tanks.

ESET researchers have revealed that the Winter Vivern Russian hacking group has exploited a zero-day vulnerability in Roundcube Webmail, targeting various European government entities and think tanks.

Roundcube released a patch soon after, but the zero-day vulnerability could expose all a user’s emails simply by viewing an innocent looking message.

New Cyberattack From Winter Vivern Exploits a Zero-Day Vulnerability in Roundcube Webmail Your email has been sent After reading the technical details about this zero-day that targeted ...

Open-source webmail project Roundcube has merged its operations with open-source file syncing and sharing software company Nextcloud after the founder of the mail project decided he wanted out ...

A vulnerability in the Roundcube email server platform is being actively exploited, the US government warns, urging its bodies to apply the patch and secure their instances sooner, rather than ...