Bleeping Computer

Critical Zimbra RCE flaw exploited to backdoor servers using emails

Hackers are actively exploiting a recently disclosed RCE vulnerability in Zimbra email servers that can be triggered simply by sending specially crafted emails to the SMTP server. The Zimbra remote ...
Ars Technica

Attackers exploit critical Zimbra vulnerability using cc’d email addresses

Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely execute malicious commands that install a backdoor, researchers warn. The ...
ksn.com

ESET Research: Mass campaign aimed at stealing Zimbra email users’ credentials under way, European countries top targets

After opening the attachment, the user is presented with a fake Zimbra login page customized according to the targeted organization. In the background, the submitted credentials are collected from the ...
Engadget

An email vulnerability let hackers steal data from governments around the world

Google's Threat Analysis Group revealed on Thursday that it discovered and worked to help patch an email server flaw used to steal data from governments in Greece, Moldova, Tunisia, Vietnam and ...
Bleeping Computer

Phishing campaign steals accounts for Zimbra email servers worlwide

An ongoing phishing campaign has been underway since at least April 2023 that attempts to steal credentials for Zimbra Collaboration email servers worldwide. According to a report by ESET, phishing ...