<ul><li>Unknown threat actors have exploited a now-patched vulnerability in the Roundcube webmail software.</li><li>The attack was part of a phishing campaign targeting Roundcube users to steal their credentials.</li><li>The vulnerability, tracked as CVE-2024-37383, allowed for XSS attacks via SVG animate attributes.</li><li>Roundcube Webmail, commonly used by government agencies, continues to be a target for hackers.</li></ul>

Unknown threat actors exploit Roundcube Webmail flaw in phishing campaign

Discover more