Operation EmailThief: Zero-day XSS vulnerability in Zimbra email platform revealed

From zdnet.com

Researchers have uncovered an active campaign exploiting a zero-day vulnerability in the Zimbra email platform. 

Zimbra is an email platform available under an open source license. According to the developer, the platform supports hundreds of millions of mailboxes located in 140 countries. 

On February 3, cybersecurity researchers from Volexity, Steven Adair and Thomas Lancaster, said the system is being exploited by a threat group tracked as TEMP_Heretic in a series of spear phishing email attacks. 
