Operation RoundPress targets webmail software program to steal secrets and techniques from e-mail accounts belonging primarily to governmental organizations in Ukraine and protection contractors within the EU
15 Could 2025
ESET researchers have found a cyberespionage operation that abuses cross-site scripting (XSS) vulnerabilities, together with a zero-day XSS flaw in MDaemon webmail software program, to steal confidential info from particular e-mail accounts belonging to officers working for numerous governmental organizations in Ukraine and protection contractors in Europe and on different continents.
Operation RoundPress, so nicknamed by ESET, is most likely the work of the Russia-aligned Sednit APT group, who first took intention at Roundcube, however later expanded its concentrating on to different webmail software program, together with Horde, MDaemon, and Zimbra. In some instances, the attackers even circumvented two-factor (2FA) authentication.
What else is there to know in regards to the operation’s techniques, strategies, and procedures? Be taught from ESET Chief Safety Evangelist Tony Anscombe within the video and ensure to learn the complete blogpost.
Join with us on Fb, X, LinkedIn and Instagram.
