Cox Communications has transitioned all residential cox.net email accounts to Yahoo Mail. This move gives you continued access to your existing email address, inbox, folders, contacts, and calendars – ...

Hackers are likely starting to exploit CVE-2025-49113, a critical vulnerability in the widely used Roundcube open-source webmail application that allows remote execution. The security issue has been ...

As Russia's invasion of Ukraine continues, so too have its cyberattacks against the country. Security firm ESET recently published research on what it called "Operation RoundPress," a cyber-espionage ...

近日，安全研究人员披露，一个名为“RoundPress”的全球网络间谍活动正在持续展开，攻击者通过 Webmail 服务中的数个XSS漏洞，对全球多国政府和关键机构发起邮件窃密攻击。该行动被认为与黑客组织 APT28（又称“Fancy Bear”或“Sednit”）有关。 这项网络间谍活动 ...

Russia-linked APT28 has been exploiting mail server vulnerabilities against government and defense entities since September 2023. The Russian state-sponsored group APT28 has been exploiting XSS ...

A new cyber espionage operation conducted by Russian hackers associated with the Kremlin is aiming to steal confidential data from organizations linked to the war in Ukraine. Operation RoundPress, as ...

ESET uncovers a major cyber-espionage campaign It was attributed to APT28, AKA Fancy Bear The campaign leveraged multiple n-day and zero-day flaws For years now, Russian state-sponsored threat actors ...

近日，网络安全公司ESET报告称，一个被认为与俄罗斯政府有关的黑客组织Sednit（又名APT28、Fancy Bear、Forest Blizzard、Sofacy）利用跨站脚本（XSS）漏洞攻击了全球多个高价值邮件服务器。XSS漏洞是由于网络服务器软件中的编程错误导致的，攻击者可以通过这些漏洞在 ...

Hackers are running a worldwide cyberespionage campaign dubbed 'RoundPress,' leveraging zero-day and n-day flaws in webmail servers to steal email from high-value government organizations. ESET ...

Threat actors, likely supported by the Russian government, hacked multiple high-value mail servers around the world by exploiting XSS vulnerabilities, a class of bug that was among the most commonly ...

A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting (XSS) vulnerabilities, ...

This blogpost introduces an operation that we named RoundPress, targeting high-value webmail servers with XSS vulnerabilities, and that we assess with medium confidence is run by the Sednit ...