A malware group has been busy creating a dangerous new vulnerability in the Roundcube webmail service, which is popular in European government circles. What makes this issue so important is that is a ...

New Cyberattack From Winter Vivern Exploits a Zero-Day Vulnerability in Roundcube Webmail Your email has been sent After reading the technical details about this zero-day that targeted governmental ...

ESET Research has been closely tracking the cyberespionage operations of Winter Vivern for more than a year and, during our routine monitoring, we found that the group began exploiting a zero-day XSS ...

The threat associated with a critical decade-old remote code execution vulnerability in Roundcube webmail has increased sharply in recent days, with proof-of-concept (PoC) code for the bug becoming ...

Over 84,000 Roundcube webmail installations are vulnerable to CVE-2025-49113, a critical remote code execution (RCE) flaw with a public exploit. The flaw, which impacts Roundcube versions 1.1.0 ...

Threat actors have been exploiting a vulnerability in the Roundcube Webmail client to target government organizations in the Commonwealth of Independent States (CIS) region, the successor of the ...

According to ESET Research, Winter Vivern is a Russian hacking group that has been operating since 2020. The notorious cybercriminals reportedly target governments across Central Asia and Europe. The ...