WeLiveSecurity

Operation RoundPress

This blogpost introduces an operation that we named RoundPress, targeting high-value webmail servers with XSS vulnerabilities, and that we assess with medium confidence is run by the Sednit ...
WeLiveSecurity

Sednit abuses XSS flaws to hit gov't entities, defense companies

ESET researchers have discovered a cyberespionage operation that abuses cross-site scripting (XSS) vulnerabilities, including a zero-day XSS flaw in MDaemon webmail software, to steal confidential ...
CSOonline

Alternatives to Microsoft Outlook webmail come under attack in Europe

CISOs need to ensure that web email clients and browsers are kept up to date following the discovery of cross site scripting attacks on organizations running webmail clients such as Roundcube, Horde, ...