UNC1151 exploiting Roundcube to steal user credentials in a spearphishing campaign

June 5, 2025

UNC1151 exploiting Roundcube to steal user credentials in a spearphishing campaign

CERT Polska has observed a spear phishing campaign targeting Polish entities this week. The threat actor attempted to exploit the CVE-2024-42009 vulnerability, which allows JavaScript code to be execu …

Published Date:
Jun 05, 2025 (3 hours, 39 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-49113

CVE-2024-42009

Source: Read More

Previous ArticleCVE-2025-0691 – Devolutions Server Access Control Bypass

Next Article How to create issues and pull requests in record time on GitHub

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Beyond the benchmarks: Understanding the coding personalities of different LLMs

Top 10 Use Cases of Vibe Coding in Large-Scale Node.js Applications

Building smarter interactions with MCP elicitation: From clunky tool calls to seamless user experiences

From Zero to MCP: Simplifying AI Integrations with xmcp

Distribution Release: Linux Mint 22.2

Coded Smorgasbord: Basically, a Smorgasbord

Drupal 11’s AI Features: What They Actually Mean for Your Team

Drupal 11’s AI Features: What They Actually Mean for Your Team

Why Data Governance Matters More Than Ever in 2025?

Perficient Included in the IDC Market Glance for Digital Business Professional Services, 3Q25

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

Distribution Release: Linux Mint 22.2

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

UNC1151 exploiting Roundcube to steal user credentials in a spearphishing campaign

UNC1151 exploiting Roundcube to steal user credentials in a spearphishing campaign

Critical Linux UDisks Daemon Vulnerability (CVE-2025-8067) Exposes Privileged Data to Local Attackers

Google Slapped with $381 Million Fine in France Over Gmail Ads, Cookie Consent Missteps

CVE-2025-37993 – Linux Kernel: CAN: Uninitialized Spin Lock in m_can_class_allocate_dev

Researchers from OpenAI, Anthropic, Meta, and Google issue joint AI safety warning – here’s why

CVE-2025-51384 – D-Link DI-8200 IPsec Buffer Overflow

The Best Chinese Open Agentic/Reasoning Models (2025): Expanded Review, Comparative Insights & Use Cases

Hire React.js Developers in the US: How to Choose the Right Team for Your Needs

Why Databricks SQL Serverless is not PCI-DSS compliant

NVIDIA expands its AI gaming tool to more GPUs — should you trust it in-game?

CVE-2025-7134 – Campcodes Online Recruitment Management System SQL Injection Vulnerability

UNC1151 exploiting Roundcube to steal user credentials in a spearphishing campaign

UNC1151 exploiting Roundcube to steal user credentials in a spearphishing campaign

Related Posts