A suspected China-aligned threat activity cluster has been
observed exploiting Roundcube webmail software belonging to physics
and engineering departments of U.S. and Canadian universities as
part of a new campaign. The activity involves the exploitation of
now-patched, critical security flaws in the open-source email
solution, such as CVE-2024-42009 (CVSS score: 9.3), to siphon
credentials,
Read more https://thehackernews.com/2026/07/suspected-china-aligned-hackers-exploit.html

