Email Security Flaw Found in the Wild

Read Time:29 Second

Google’s Threat Analysis Group announced a zero-day against the Zimbra Collaboration email server that has been used against governments around the world.

TAG has observed four different groups exploiting the same bug to steal email data, user credentials, and authentication tokens. Most of this activity occurred after the initial fix became public on Github. To ensure protection against these types of exploits, TAG urges users and organizations to keep software fully up-to-date and apply security updates as soon as they become available.

The vulnerability was discovered in June. It has been patched.

WK Kellogg Confirms Data Breach Tied to Cleo Software Exploit

Precision-Validated Phishing Elevates Credential Theft Risks

Ransomware Attacks Hit All-Time High as Payoffs Dwindle

How to Leak to a Journalist

Three-Quarters of IT Leaders Fear Nation-State AI Cyber Threats

Microsoft Fixes Over 130 CVEs in April Patch Tuesday

NCSC Warns of Spyware Targeting Chinese and Taiwanese Diaspora

Patch Tuesday, April 2025 Edition

The AI Fix #45: The Turing test falls to GPT-4.5