URL has been copied successfully!
Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files


Tags: , , , , , , ,

A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military.Tracked as CVE-2025-27915 (CVSS score: 5.4), the vulnerability is a stored cross-site scripting (XSS) vulnerability in the Classic Web Client that arises as a result of insufficient sanitization of HTML content in ICS calendar files,

First seen on thehackernews.com

Jump to article: thehackernews.com/2025/10/zimbra-zero-day-exploited-to-target.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
  2. Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks
  3. Salt Typhoon hacked the US National Guard for 9 months, and accessed networks in every state
  4. CVE-2025-20333, CVE-2025-20362: Frequently Asked Questions About Zero-Day Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) Vulnerabilities