A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting (XSS) vulnerabilities, including a then-zero-day in MDaemon, according to new findings from ESET.The activity, which commenced in 2023, has been codenamed Operation RoundPress by the Slovak cybersecurity company. It has
First seen on thehackernews.com
Jump to article: thehackernews.com/2025/05/russia-linked-apt28-exploited-mdaemon.html
