A sophisticated cyberespionage campaign attributed to suspected China-aligned threat actors has been targeting higher education institutions across North America, specifically focusing on physics and engineering departments. The attackers are leveraging previously unknown vulnerabilities in Roundcube webmail software to compromise university networks and potentially exfiltrate sensitive research data and intellectual property. This development highlights the ongoing targeting of academic institutions by nation-state actors seeking access to valuable scientific research.
The attacks specifically exploit a critical security vulnerability identified as CVE-2024-42009, which carries a CVSS severity score of 9.3 out of 10. This flaw in the widely used open-source email solution allows attackers to bypass authentication measures and gain
Comments (0)
Leave a Comment
No comments yet. Be the first to comment!