ESET researchers, during their regular monitoring of the cyberespionage operations of Winter Vivern, discovered that the group recently began exploiting a zero-day XSS vulnerability in the Roundcube Webmail server. In an XSS attack, malicious scripts are injected into otherwise trusted websites.Read More…

ESET research today announced that it has uncovered LightNeuron, a Microsoft Exchange backdoor that can read, modify or block any email going through the mail server, and even compose new emails and send them under the identity of any legitimate user of the attackers’ choice.Read More…