Zimbra is an open-source email platform often used by many European organizations in place of Microsoft Exchange. In December 2021, there is an active exploitation of Zero-day vulnerability in Zimbra as a part of the spear-phishing campaign, which Volexity discovered. The codename Email Thief: An Active Exploitation of Zero-day XSS Vulnerability in Zimbra- a detailed … Continue reading "Email Thief: An Active Exploitation of Zero-day Vulnerability in Zimbra"
Zimbra Vulnerability Exploited in the Wild – Gridinsoft Blog
Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra
New Wave of Attack Campaign Targeting Zimbra Email Users for Credential Theft
Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra
Mass Exploitation of (Un)authenticated Zimbra RCE: CVE-2022-27925
Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra
Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra
Prevent Zero Day Attacks, Anti-Phishing Software
Hackers Exploiting Zimbra 0-day to Attack
CISA warns of Zimbra bug exploited in attacks against NATO countries