Tag: CVE-2024-27443

1 Attack Reports | 1 Vulnerabilities

Attack reports

Operation RoundPress targeting high-value webmail servers

ESET researchers have uncovered a Russia-aligned espionage operation named RoundPress, targeting high-value webmail servers through XSS vulnerabilities. The campaign, attributed to the Sednit group, aims to steal confidential data from specific email accounts. Initially focused on Roundcube in 2023…
espionage
spearphishing
russia
zero-day
credential theft
xss
data exfiltration
CVE-2024-27443
CVE-2024-11182
2025-05-15
2025-05-18
webmail
eastern europe
spypress.roundcube
spypress.mdaemon
CVE-2023-43770
spypress.zimbra
spypress.horde
Published: May 18, 2025
Linked vulnerabilities : CVE-2024-27443, CVE-2024-11182 (CVSS 6.1), CVE-2020-35730, CVE-2023-23397, CVE-2023-43770
Downloadable IOCs: 16
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-27443

None
    Zimbra Collaboration
Published: August 12, 2024
Click here to see more Vulnerabilities