Security News > 2025 > May > Russia-linked hackers target webmail servers in Ukraine-related espionage operation
ESET researchers have uncovered RoundPress, a Russia-aligned espionage operation targeting webmail servers via XSS vulnerabilities. Behind it is most likely the Russia-aligned Sednit (also known as Fancy Bear or APT28) cyberespionage group, holding the ultimate goal of stealing confidential data from specific email accounts. Operation RoundPress compromise chain (Source: ESET) Targets Most of the targets are related to the current war in Ukraine. They are either Ukrainian governmental entities or defense companies in Bulgaria and … More → The post Russia-linked hackers target webmail servers in Ukraine-related espionage operation appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2025/05/15/espionage-operation-roundpress-webmail-servers/
Related news
- Russia-Linked Gamaredon Uses Troop-Related Lures to Deploy Remcos RAT in Ukraine (source)
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
- ASUS releases fix for AMI bug that lets hackers brick servers (source)
- Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised (source)
- DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics (source)
- Chinese hackers behind attacks targeting SAP NetWeaver servers (source)
- Türkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish Servers (source)
- Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers (source)