Google’s Threat Analysis Group (TAG) detected a zero-day exploit targeting the Zimbra Collaboration, an open-source email server used by over 5,000 organisations globally. The bug, known as CVE-2023-37580, allows cross-site scripting and led to the theft of user credentials, email data, and authentication tokens by four distinct groups. Zimbra released a hotfix to address this vulnerability, but the exploit activity increased after the fix details were disclosed on GitHub.
![](https://healsecurity.com/wp-content/uploads/2024/07/group-ibs-threat-intelligence-and-defence-centre-equip-undergraduates-with-sophisticated.jpg)
Group-IB’s Threat Intelligence and Defence Centre Equip Undergraduates with Sophisticated Cybersecurity Technologies to Boost Threat Analysis and Enhance Cyber Resilience for Campus Start-ups
Hey there from the heart of the San Francisco Bay Area! It’s an absolute pleasure to have you back again for our chat on some