Hackers target vulnerabilities in Roundcube Webmail

CISA has added the flaws, one of which is considered critical, to its Known Exploited Vulnerabilities catalog.
SecurityWeek

Recent RoundCube Webmail Vulnerability Exploited in Attacks

The US cybersecurity agency CISA on Friday warned of two RoundCube Webmail vulnerabilities being exploited in the wild. Prevalent within government and enterprise networks, RoundCube Webmail is a ...

Roundcube Webmail: Attacks on security vulnerabilities ongoing

The IT security authority CISA warns of currently observed attacks on Roundcube webmail vulnerabilities. Admins should update ...
Dark Reading

PoC Code Escalates Roundcube Vuln Threat

The threat associated with a critical decade-old remote code execution vulnerability in Roundcube webmail has increased sharply in recent days, with proof-of-concept (PoC) code for the bug becoming ...
Bleeping Computer

Over 84,000 Roundcube instances vulnerable to actively exploited flaw

Over 84,000 Roundcube webmail installations are vulnerable to CVE-2025-49113, a critical remote code execution (RCE) flaw with a public exploit. The flaw, which impacts Roundcube versions 1.1.0 ...
Houston Chronicle

How to Set Up Roundcube on a Website

Roundcube is an open-source application for managing email through a Web interface. It runs on Web servers that support the PHP server-side scripting language. Roundcube may be a good choice for your ...
TechRepublic

How to install Roundcube webmail on OS X Server

Jesus Vigo reviews the steps necessary to add a front-end webmail application using Roundcube that's hosted on OS X Server. In a previous article, I covered the steps on how to setup and configure the ...
SiliconANGLE

A new and dangerous malware infects Roundcube webmail

A malware group has been busy creating a dangerous new vulnerability in the Roundcube webmail service, which is popular in European government circles. What makes this issue so important is that is a ...
TechRepublic

Pro tip: Troubleshooting common Roundcube installation issues

Email is as ubiquitous a service as it comes. From business to personal uses, promotional and marketing — these communications all thrive off of email’s ease of use and ability to reach millions of ...
Bleeping Computer

Hackers exploit Roundcube webmail flaw to steal email, credentials

Threat actors have been exploiting a vulnerability in the Roundcube Webmail client to target government organizations in the Commonwealth of Independent States (CIS) region, the successor of the ...
WeLiveSecurity

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers

ESET Research has been closely tracking the cyberespionage operations of Winter Vivern for more than a year and, during our routine monitoring, we found that the group began exploiting a zero-day XSS ...