First reported by BackBox.org
Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities
Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities
By
[email protected] (The Hacker News)
12h agoen
Source
A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of U.S. and Canadian universities as part of a new campaign. The activity involves the exploitation of now-patched, critical security flaws in the open-source email solution, such as CVE-2024-42009 (CVSS score: 9.3), to siphon credentials
You might also wanna read
Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities
BackBox.org·11h ago
Roundcube Webmail Vulnerability Allows Email Tracking Despite Image Blocking
Roundcube Webmail versions before 1.5.13 and 1.6.13 contain a security vulnerability (CVE-2026-25916) that allows attackers to bypass remote
Google tracks China-linked espionage group exploiting REDCap servers in North American health research networks
Google's Threat Analysis Group (TAG) tracked a China-linked espionage cluster (UNC6508) that infiltrated North American medical, academic, a

WAF - WAF Release - 2025-07-07
Cloudflare·1y ago
CVE-2026-8037: Critical Unauthenticated RCE in Progress Kemp LoadMaster Actively Exploited
A critical unauthenticated remote code execution vulnerability (CVE-2026-8037) in Progress Kemp LoadMaster is being actively exploited in th
undercodetesting.com·3d agoRussia-Aligned Hackers Exploit Unpatched WinRAR Vulnerability Against Ukrainian Organizations
Two Russia-aligned cyberattack campaigns are actively exploiting CVE-2025-8088, a path traversal vulnerability in WinRAR patched in July 202

Comments
Sign in to join the conversation.
No comments yet. Be the first.