Jesus Vigo reviews the steps necessary to add a front-end webmail application using Roundcube that's hosted on OS X Server. In a previous article, I covered the steps on how to setup and configure the ...

Roundcube is an open-source application for managing email through a Web interface. It runs on Web servers that support the PHP server-side scripting language. Roundcube may be a good choice for your ...

The threat associated with a critical decade-old remote code execution vulnerability in Roundcube webmail has increased sharply in recent days, with proof-of-concept (PoC) code for the bug becoming ...

A malware group has been busy creating a dangerous new vulnerability in the Roundcube webmail service, which is popular in European government circles. What makes this issue so important is that is a ...

CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks. The security flaw (CVE-2023-43770) is a persistent ...

Threat actors have been exploiting a vulnerability in the Roundcube Webmail client to target government organizations in the Commonwealth of Independent States (CIS) region, the successor of the ...

ESET researchers have revealed that the Winter Vivern Russian hacking group has exploited a zero-day vulnerability in Roundcube Webmail, targeting various European government entities and think tanks.

ESET Research has discovered a significant cybersecurity threat as the Winter Vivern group exploited a zero-day cross-site scripting (XSS) vulnerability in the Roundcube Webmail server. The new ...

New Cyberattack From Winter Vivern Exploits a Zero-Day Vulnerability in Roundcube Webmail Your email has been sent After reading the technical details about this zero-day that targeted governmental ...

Open source webmail provider Roundcube was patched against a vulnerability that could be trivially exploited to run code on servers or access email accounts. Open source webmail provider Roundcube has ...

ESET Research has been closely tracking the cyberespionage operations of Winter Vivern for more than a year and, during our routine monitoring, we found that the group began exploiting a zero-day XSS ...