A critical Cross-Site Scripting (XSS) vulnerability, CVE-2024-57004, has been found in Roundcube Webmail version 1.6.9, allowing remote authenticated users to upload malicious files as email attachments. This flaw can lead to data theft, account compromise, and malware propagation. Users are advised to upgrade to version 1.6.10, which includes a patch for stricter input validation and security measures.

‘Systemic gaps’ found private equity-backed healthcare companies’ cybersecurity preparedness
Private equity-backed healthcare companies have “systemic gaps” in their cybersecurity preparedness, according to a report from Clearwater Security. The findings revealed many such firms lack