Attackers have exploited a Cross-Site Scripting (XSS) vulnerability in the Roundcube Webmail client, designated CVE-2024-37383, in targeted phishing campaign against a governmental organization in a Commonwealth of Independent States (CIS) country. This vulnerability was leveraged to craft a sophisticated attack aimed at stealing user credentials.
Get through updates and upcoming events, and more directly in your inbox