Two major ransomwares exploit SAP NetWeaver 💰🥅 APT28 exploits one-click XSS vulnerabilities in webmail services 📩🐻

Author:
Threat Research Team
Published on
May 22, 2025
Weekly Report

APT28 exploits webmail servers

The notorious Russian state actor APT28 is apparently behind Operation RoundPress, a campaign exploiting 1-click XSS vulnerabilities in webmail servers to target European government and defense organizations since 2023. Among the compromised services are Roundcube (CVE-2023-43770), Horde, MDaemon (CVE-2024-11182) and Zimbra (CVE-2024-27443). The MDaemon flaw was apparently used as a zero-day.

