all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups

Add to bookmarks
Nov. 16, 2023, 4:09 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer email data, user credentials, and authentication tokens.
"Most of this activity occurred after the initial fix became public on GitHub," Google Threat Analysis Group (TAG) said in a report shared with The Hacker News.
The flaw, tracked as CVE-2023-37580 (CVSS score:

analysis attacks authentication collaboration credentials data email email data exploited fix flaw github google google threat analysis group hacker hacker groups public real report software tag threat threat analysis threat analysis group tokens world zero-day zero-day flaw zimbra

Visit resource

More from thehackernews.com / The Hacker News

Playbook: Your First 100 Days as a vCISO - 5 Steps to Success 41 minutes ago | thehackernews.com
ciso cyber cybersecurity cybersecurity leadership +13
SpyLoan Scandal: 18 Malicious Loan Apps Defraud Millions of Android Users 56 minutes ago | thehackernews.com
android android users apps collecting +18
Webinar — Psychology of Social Engineering: Decoding the Mind of a Cyber Attacker an hour ago | thehackernews.com
attacker cyber cybersecurity cybersecurity landscape +14
New PoolParty Process Injection Techniques Outsmart Top EDR Solutions 6 hours ago | thehackernews.com
code code execution collection detection +20
SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs 2 days ago | thehackernews.com
amd amsterdam arm attack +22
Researchers Unveal GuLoader Malware's Latest Anti-Analysis Techniques 2 days, 5 hours ago | thehackernews.com
analysis anti-analysis called consuming +17
New 5G Modems Flaws Affect iOS Devices and Android Models from Major Brands 2 days, 19 hours ago | thehackernews.com
android called chipset collection +19
N. Korean Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks 2 days, 22 hours ago | thehackernews.com
actor ahnlab attacks backdoor +21
Ransomware-as-a-Service: The Growing Threat You Can't Ignore 3 days, 1 hour ago | thehackernews.com
as-a-service attacks cybercrime cybersecurity +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Specialist

@ Protect Democracy | Remote, US
View on infosec-jobs.com

Information And Security Controller - Tram (UAE National)

@ Keolis | Dubaï, AE
View on infosec-jobs.com

Cybersecurity Engineer

@ Alstom Transport | Cairo, EG
View on infosec-jobs.com

IT Security Specialist (m/w/d) - Data Center & Cloud

@ CLAAS | Harsewinkel, NW, DE, 33428
View on infosec-jobs.com

Security Architect - Central Government sector

@ BAE Systems | London, GB
View on infosec-jobs.com

Project Cyber Security Manager

@ Alstom | Bangkok, TH
View on infosec-jobs.com
View more jobs