Breach Roundup: Critical RCE Flaw in Roundcube Servers

Also, M&S Back Online, Mexican Education Platform Breached, Patch Tuesday Anviksha More (AnvikshaMore) • June 12, 2025

Every week, Information Security Media Group rounds up cybersecurity incidents and breaches around the world. This week, more than 84,000 Roundcube servers exposed to a critical flaw, a Mexican education platform breached, exposing student data, and Dutch National Police try to scare straight Cracked users. A U.S. federal judge sentenced a Nigerian man for hacking into tax preparers. Marks and Spencer is partially back and United Natural Foods is still shipping on a limited basis. The British financial regulator disciplined four employees for sending data to personal email. SinoTrack GPS devices have feeble web panel security and Patch Tuesday.

See Also: On Demand | Global Incident Response Report 2025

More than 84,000 Roundcube webmail servers are exposed to CVE-2025-49113, a critical remote code execution vulnerability patched on June 1. The ...