webmail security

A recently discovered phishing campaign is exploiting a stored cross-site scripting (XSS) vulnerability in the open-source Roundcube webmail software to steal login credentials. Threat actors are leveraging a now-patched flaw (CVE-2024-37383) via malicious emails, targeting government organizations in Commonwealth of Independent States (CIS) countries. The vulnerability, patched in May 2024, allowed attackers to execute JavaScript within victims' browsers, tricking them into revealing sensitive login information.