Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

Updated on May 15, 2025

A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting (XSS) vulnerabilities, including a then-zero-day in MDaemon, according to new findings from ESET.
The activity, which commenced in 2023, has been codenamed Operation RoundPress by the Slovak cybersecurity company. It has…

Read the rest of the story at Read More

Source: The Hacker News

March 11, 2025 Uncategorized

Ballista Botnet Exploits Unpatched TP-Li...

November 27, 2023 Uncategorized

How to Handle Retail SaaS Security on Cy...

March 21, 2025 Uncategorized

Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

Related posts

Ballista Botnet Exploits Unpatched TP-Li...

How to Handle Retail SaaS Security on Cy...

10 Critical Network Pentest Findings IT ...

Leave a Comment Cancel reply

Recent News

Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuit

Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails

Pen Testing for Compliance Only? It’s Time to Change Your Approach

5 BCDR Essentials for Effective Ransomware Defense

Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper

New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy

Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit

BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan

Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering