Security News > 2025 > June > Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113)
2025-06-09 12:06
With an exploit for a critical Roundcube vulnerability (CVE-2025-49113) being offered for sale on underground forums and a PoC exploit having been made public, attacks exploiting the flaw are incoming and possibly already happening. According to the Shadowserver Foundation, there is no lack of possible targets: around 84,000 internet-facing installations – predominantly in Europe, Asia, and North America – are still unpatched. What is Roundcube? Roundcube is a free and open-source web-based email client that’s … More → The post Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113) appeared first on Help Net Security.
News URL
Related news
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) (source)
- CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download (source)
- Active! Mail RCE flaw exploited in attacks on Japanese orgs (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks (source)
- Craft CMS RCE exploit chain used in zero-day attacks to steal data (source)
- Apple 'AirBorne' flaws can lead to zero-click AirPlay RCE attacks (source)
- RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248) (source)
- Samsung MagicINFO 9 Server RCE flaw now exploited in attacks (source)