A recent spearphishing campaign targeting Polish entities has been attributed with high confidence to the UNC1151 threat actor, a group linked to Belarusian state interests and, according to some sources, Russian intelligence services. CERT Polska reports that the attackers leveraged a critical vulnerability in the Roundcube webmail platform—CVE-2024-42009—to steal user credentials with minimal user interaction. […]
The post Hackers Exploit Roundcube Vulnerability to Steal User Credentials via XSS Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform