Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting (XSS) vulnerabilities, including a then-zero-day in MDaemon, according to new findings from ESET. The activity, which commenced in 2023, has been codenamed Operation RoundPress by the Slovak cybersecurity company. It has

Read more https://thehackernews.com/2025/05/russia-linked-apt28-exploited-mdaemon.html