Four Threat Actors Capitalized on Zimbra Zero Day to Infiltrate Government Organizations

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

A zero-day vulnerability identified as CVE-2023-37580 in Zimbra Collaboration email software has been exploited by four different groups in attacks. These attacks aimed to illicitly obtain email data, user credentials, and authentication tokens.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.