Ars Technica

Spies hack high-value mail servers using an exploit from yesteryear

Threat actors, likely supported by the Russian government, hacked multiple high-value mail servers around the world by exploiting XSS vulnerabilities, a class of bug that was among the most commonly ...
Bleeping Computer

Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks

Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw, according to nonprofit security ...
Hosted on MSN

Microsoft confirms hackers are already exploiting an on-premise Exchange zero-day — one crafted email triggers code inside your browser

A single malicious email, opened or even previewed in a browser, can now execute attacker-controlled code inside your session. No clicks, no attachments, no links to follow. Microsoft has confirmed ...