Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files

Updated on October 6, 2025

A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military.
Tracked as CVE-2025-27915 (CVSS score: 5.4), the vulnerability is a stored cross-site scripting (XSS) vulnerability in the Classic Web Client that arises as a result of insufficient sanitization of HTML content in ICS calendar files,…

Read the rest of the story at Read More

Source: The Hacker News

August 19, 2025 Uncategorized

New GodRAT Trojan Targets Trading Firms ...

January 17, 2024 Uncategorized

PAX PoS Terminal Flaw Could Allow Attack...

September 19, 2024 Uncategorized

Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files

Related posts

New GodRAT Trojan Targets Trading Firms ...

PAX PoS Terminal Flaw Could Allow Attack...

Healthcare’s Diagnosis is Critical...

Leave a Comment Cancel reply

Recent News

5 Critical Questions For Adopting an AI Security Solution

⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers

Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files

Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks

CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief

Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day

Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer

Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads

Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL