Security News

Zimbra users in Europe, Latin America face phishing threat
2023-08-18 07:57

ESET researchers have uncovered a mass-spreading phishing campaign aimed at collecting Zimbra account users' credentials. Zimbra Collaboration is an open-core collaborative software platform, a popular alternative to enterprise email solutions.

Phishing campaign steals accounts for Zimbra email servers worldwide
2023-08-17 17:22

An ongoing phishing campaign has been underway since at least April 2023 that attempts to steal credentials for Zimbra Collaboration email servers worldwide. According to the ESET researchers, the attacks start with a phishing email pretending to be from an organization's admin informing users of an imminent email server update, which will result in temporary account deactivation.

Zimbra patches zero-day vulnerability exploited in XSS attacks
2023-07-27 18:57

Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email servers. [...]

Quick: Manually patch this Zimbra bug that's under attack
2023-07-17 21:49

Smells like Russian cyber spies (again): A vulnerability in Zimbra's software is being exploited right now by miscreants to compromise systems and attack selected government organizations, experts reckon.…

Critical XSS vulnerability in Zimbra exploited in the wild (CVE-2023-34192)
2023-07-17 11:39

A critical cross-site scripting vulnerability in popular open source email collaboration suite Zimbra is being exploited by attackers. Clément Lecigne of Google Threat Analysis Group discovered and reported this vulnerability.

Zimbra Collaboration Suite warning: Patch this 0-day right now (by hand)!
2023-07-14 19:58

Popular collaboration product Zimbra has warned customers to apply a software patch urgently to close a security hole that it says "could potentially impact the confidentiality and integrity of your data." The vulnerability is what's known as an XSS bug, short for cross-site scripting, whereby performing an innocent-looking operation via site X, such as clicking through to site Y, gives the operator of site X a sneaky chance to implant rogue JavaScript code into the web pages that your browser receives back from Y. This, in turn, means that X may end up with access to your account on site Y, by reading out and perhaps even modifying data that would otherwise be private to Y, such as your account details, login cookies, authentication tokens, transaction history, and so on.

Zimbra Warns of Critical Zero-Day Flaw in Email Software Amid Active Exploitation
2023-07-14 07:05

Zimbra has warned of a critical zero-day security flaw in its email software that has come under active exploitation in the wild. Additional details about the flaw are currently unavailable.

Zimbra urges admins to manually fix zero-day exploited in attacks
2023-07-13 17:54

Zimbra urged admins today to manually fix a zero-day vulnerability actively exploited to target and compromise Zimbra Collaboration Suite email servers. "A security vulnerability in Zimbra Collaboration Suite Version 8.8.15 that could potentially impact the confidentiality and integrity of your data has surfaced. [...] The fix is planned to be delivered in the July patch release," the company warned on Thursday via an advisory that doesn't inform customers the bug is also being abused in the wild.