Zimbra zero-day vulnerability actively exploited to steal emails
By A Mystery Man Writer
Description
A cross-site scripting (XSS) Zimbra security vulnerability is actively exploited in attacks targeting European media and government organizations.
![Zimbra zero-day vulnerability actively exploited to steal emails](https://www.eclecticiq.com/hubfs/_blogs/corporate-blog/2023/Zimbra-webmail-article/Zimbra%20webmail_image5.png)
Spearphishing Campaign Targets Zimbra Webmail Portals of Government Organizations
![Zimbra zero-day vulnerability actively exploited to steal emails](https://www.bleepstatic.com/content/hl-images/2021/08/19/thumb/170x170_CISA_headpic.jpg)
News in the Security category
GuardiaN (@guardianuy) / X
Zimbra Auth Security Flaw Used to Exploit Over 1,000 Servers
![Zimbra zero-day vulnerability actively exploited to steal emails](https://img1.daumcdn.net/thumb/R800x0/?scode=mtistory2&fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2F3WJ4G%2FbtrskF9PE3A%2FYJvjD8TuhNIZwANMUKYZV0%2Fimg.jpg)
Zimbra 제로데이 취약점, 이메일 훔치는데 활발히 악용돼
![Zimbra zero-day vulnerability actively exploited to steal emails](https://csirt.cy/images/impact.png)
National CSIRT-CY National Computer Security Incident Response
![Zimbra zero-day vulnerability actively exploited to steal emails](https://www.eclecticiq.com/hubfs/_blogs/corporate-blog/2023/Zimbra-webmail-article/Zimbra%20webmail_image4.png)
Spearphishing Campaign Targets Zimbra Webmail Portals of Government Organizations
![Zimbra zero-day vulnerability actively exploited to steal emails](https://csirt.cy/images/vmware-980x300.jpg)
National CSIRT-CY National Computer Security Incident Response
![Zimbra zero-day vulnerability actively exploited to steal emails](https://www.zdnet.com/a/img/resize/6fa0fe2befb6e2617b1ce6c6615df53c4d7d3ebe/2021/10/21/788b57e0-f1f9-4dad-acec-2fc30fb9d62b/email-attack.jpg?auto=webp&fit=crop&height=675&width=1200)
Operation EmailThief: Zero-day XSS vulnerability in Zimbra email platform revealed
![Zimbra zero-day vulnerability actively exploited to steal emails](https://www.volexity.com/wp-content/uploads/2022/02/zimbra-attacker-code.png)
Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra
![Zimbra zero-day vulnerability actively exploited to steal emails](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqciYuXuyeuze_RVddG7DPlHMdn38W9PoptXe3DzImXXJwfCRzSfrrVVOwWzLhLiAyoH2dmT3kh5rVpeSYgbSybPtgO0-z_J7GnjRL0YGKiS01lXCSMLWVgKf6b_br2B4xwyfrfhWb4hJOmThQbRbnmCc8Xq-2RUWzL306OzoQkDE8B2DWrR14guR6yQTK/s16000/Ivanti%20Zero-Day.webp)
Hackers Actively Exploited Ivanti 0-Day to Execute Arbitrary Commands
Zimbra Zero-day XSS Vulnerability Actively Exploited by Hackers
![Zimbra zero-day vulnerability actively exploited to steal emails](https://blog.rapid7.com/content/images/2022/08/zimbra-etr.jpg)
Active Exploitation of Multiple Vulnerabilities in Zimbra Collaboration Suite
![Zimbra zero-day vulnerability actively exploited to steal emails](https://csirt.cy/images/phishing-1335x574-980x300.jpg)
National CSIRT-CY National Computer Security Incident Response
from
per adult (price varies by group size)