Product
critical
advisory
Roundcube Vulnerability Allows Remote Code Execution
2 rules 1 TTP
A remote, authenticated attacker can exploit a vulnerability in Roundcube to execute arbitrary program code, potentially leading to complete system compromise.
Roundcube
code-execution
vulnerability
webmail
high
threat
FrostyNeighbor Targets Ukraine with Updated PicassoLoader Chain
2 rules 3 TTPs 3 IOCs
The FrostyNeighbor threat actor is targeting Ukrainian governmental organizations with spearphishing emails containing malicious PDFs that deliver a JavaScript dropper (PicassoLoader) and ultimately a Cobalt Strike beacon.
Cobalt Strike +2
FrostyNeighbor
cyberespionage
cobaltstrike
picassoloader
ukraine
medium
advisory
Roundcube Vulnerabilities Leading to Cross-Site Scripting and Information Disclosure
2 rules 1 TTP 3 CVEs
Multiple vulnerabilities in Roundcube allow an attacker to perform a cross-site scripting attack and disclose confidential information.
Roundcube
xss
vulnerability