A recent spearphishing campaign targeting Polish entities has been attributed with high confidence to the UNC1151 threat actor, a group linked to Belarusian state interests and, according to some sources, Russian intelligence services. CERT Polska reports that the attackers leveraged a critical vulnerability in the Roundcube webmail platform—CVE-2024-42009—to steal user credentials with minimal user interaction. […]

The post Hackers Exploit Roundcube Vulnerability to Steal User Credentials via XSS Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Anupriya

Source: gbHackers
Source Link: https://gbhackers.com/hackers-exploit-roundcube-vulnerability/