Zimbra is an open-source email platform often used by many European organizations in place of Microsoft Exchange. In December 2021, there is an active exploitation of Zero-day vulnerability in Zimbra as a part of the spear-phishing campaign, which Volexity discovered. The codename Email Thief: An Active Exploitation of Zero-day XSS Vulnerability in Zimbra- a detailed … Continue reading "Email Thief: An Active Exploitation of Zero-day Vulnerability in Zimbra"
New Wave of Attack Campaign Targeting Zimbra Email Users for Credential Theft
eSentire, eSentire
Attack on RSA used zero-day Flash exploit in Excel - CNET
Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra
Zimbra Vulnerability Exploited in the Wild – Gridinsoft Blog
Searching Strings In Zimbra Mailbox LINUX DIGEST, 56% OFF
Mitigate zero-day vulnerabilities
Operation EmailThief: Zero-day XSS vulnerability in Zimbra email platform revealed
Mass Exploitation of (Un)authenticated Zimbra RCE: CVE-2022-27925
Massive Infection through 0-day in the Zimbra (CVE-2022-41352)
Security Report Details Alarming Rise In Malware Attacks Using USB Drives
Zimbra Vulnerability Exploited in the Wild – Gridinsoft Blog
Understanding the Zimbra Cross-Site Scripting Flaw (CVE-2023-37580)