Surge in XSS Cyberattacks Targets Popular Webmail Platforms, ESET Reports
gbhackers
A recent report from ESET has uncovered a sophisticated cyber espionage campaign by the Russia-aligned Sednit group, targeting high-value webmail platforms through cross-site scripting (XSS) attacks.
Dubbed Operation RoundPress, the campaign has compromised popular webmail services such as Roundcube, Horde, MDaemon, and Zimbra, with a primary focus on governmental entities and defense organizations in Eastern Europe, alongside targets in Africa, Europe, and South America.
The attacks, initiated through spearphishing emails often tied to Ukraine-related news, exploit both known and zero-day vulnerabilities to inject malicious JavaScript into victims’ webmail interfaces.
Simply opening one of these crafted emails in a vulnerable webmail portal triggers the attack, enabling cybercriminals to steal credentials; exfiltrate email content, contacts, and login histories; and even bypass two-factor authentication (2FA) by creating app passwords for unauthorized mailbox access.
Webmail Popularity Fuels Cybercriminal Opportunities
Webmail services remain a cornerstone of business communication, with global email user numbers ...