Threat actors exploited a Zimbra zero-day via malicious iCalendar (.ICS) files used to deliver attacks through calendar attachments. StrikeReady researchers discovered that threat actors exploited the vulnerability CVE-2025-27915 in Zimbra Collaboration Suite in zero-day attacks using malicious iCalendar (.ICS) files. These files, used to share calendar data, were weaponized to deliver JavaScript payloads to targeted […]
First seen on securityaffairs.com
Jump to article: securityaffairs.com/183014/hacking/zimbra-users-targeted-in-zero-day-exploit-using-icalendar-attachments.html
