all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Russian Hackers Breached 80+ Organizations Using Roundcube XSS Flaw

Add to bookmarks
Feb. 20, 2024, 9:22 a.m. | Eswar

Cyber Security News cybersecuritynews.com

The Russia-based threat group TAG-70 has been discovered to be exploiting Roundcube webmail servers with a recently disclosed Cross-Site Scripting vulnerability CVE-2023-5631. Their targets include government, military, and national infrastructure-related entities. This threat actor overlaps with Winter Vivern, TA473, and UAC-0114 threat group. However, this Roundcube targeting campaign has been conducted since October 2023, attacking […]


The post Russian Hackers Breached 80+ Organizations Using Roundcube XSS Flaw appeared first on Cyber Security News.

actor breached campaign cross-site cve cyber-attack cyber espionage cyber security entities exploiting flaw government hackers infrastructure military national national infrastructure organizations roundcube roundcube webmail russia russia-based russian russian hackers scripting servers ta473 tag tag-70 targeting threat threat actor threat group uac uac-0114 vulnerability webmail winter winter vivern xss xss flaw

Visit resource

More from cybersecuritynews.com / Cyber Security News

Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories) 2 hours ago | cybersecuritynews.com
advanced advanced persistent threat apt attacks +26
Cactus Ransomware Exploiting Qlik Servers Vulnerability 2 days, 3 hours ago | cybersecuritynews.com
cactus cactus ransomware code code execution +28
Hackers Abuse Autodesk Drive For Hosting Weaponized PDF Files 2 days, 3 hours ago | cybersecuritynews.com
abuse attack autodesk campaign +19
MuddyWater Hackers Abusing Legitimate RMM Tool to Deliver Malware 2 days, 6 hours ago | cybersecuritynews.com
abusing actor agent atera +26
Hackers Actively Exploiting WP Automatic Updates Plugin Vulnerability 2 days, 7 hours ago | cybersecuritynews.com
attack automatic can compromise +27
Microsoft Releases Historical MS-DOS 4.0 Source Code to the Public 2 days, 7 hours ago | cybersecuritynews.com
accessibility code decision developers +12
PoC Exploit Released For Critical Flowmon Vulnerability 2 days, 7 hours ago | cybersecuritynews.com
analysis a network command command injection +26
Chrome Critical Flaw Let Attackers Execute Arbitary Code : Patch Now 2 days, 8 hours ago | cybersecuritynews.com
arbitrary code attackers browservulnerability channel +21
Hackers Exploit Google Ads to Spread IP Scanner with Concealed Backdoor 2 days, 19 hours ago | cybersecuritynews.com
ads attacker backdoor campaign +23

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Network Security Engineer

@ Meta | Menlo Park, CA | Remote, US
View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Washington, DC
View on infosec-jobs.com

Threat Investigator- Security Analyst

@ Meta | Menlo Park, CA | Seattle, WA | Washington, DC
View on infosec-jobs.com

Security Operations Engineer II

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Bug Bounty -- Associate -- Dallas

@ Goldman Sachs | Dallas, Texas, United States
View on infosec-jobs.com
View more jobs