Zimbra addressed XSS and LFI vulnerabilities

Zimbra addressed XSS and LFI vulnerabilities

Zimbra Collaboration disclosed three new security vulnerabilities. These flaws, impact Zimbra Collaboration versions 9.0 and 10.0, potentially exposing users to cross-site scripting (XSS) and local file inclusion (LFI) attacks. The…
Zimbra XSS Zeroday

Zimbra XSS Zeroday

Researchers have warned the teams running the Zimbra Collaboration Suite version 8.8.15 to apply a manual fix against a recently discovered zero-day vulnerability (CVE-2023-34192) that's being actively exploited in the…
MalasLocker Ransomware targets Zimbra

MalasLocker Ransomware targets Zimbra

A new active ransomware group has been spotted that victimized nearly 200 organizations having a different spin on its extortion efforts: Don’t pay us, pay a charity This unnamed group…
Winter Vivern exploits Zimbra Vulnerability

Winter Vivern exploits Zimbra Vulnerability

Researchers have spotted a phishing campaign from the Russian APT group known as Winter Vivern, TA473, and UAC-0114 exploiting a vulnerability in Zimbra Collaboration software to hack the emails of government…
Most Exploited 2022 Vulnerabilities

Most Exploited 2022 Vulnerabilities

There are more devices connected to the internet than ever before. This is music to an attacker's ears, as they make good use of machines like printers and cameras which were…
Zimbra flaw actively exploited

Zimbra flaw actively exploited

An unpatched code execution vulnerability in the Zimbra Collaboration software is under active exploitation by attackers using the attacks to backdoor servers. The attacks began no later than September 7,…
Zimbra RCE Exploited in Wild

Zimbra RCE Exploited in Wild

An authentication bypass affecting Zimbra Collaboration Suite, tracked as CVE-2022-27925, is actively exploited to hack ZCS email servers worldwide. CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities…