Hot off the press! CISA adds CVE-2023-43770 (6.1 medium) Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability to the Known Exploited Vulnerabilities (KEV) Catalog.
🔗 (to be replaced later) https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Why you should care about CVE-2023-43770:
ESET Research previously reported on 25 October 2023 that the Winter Vivern APT was exploiting a similar RoundCube cross-site scripting vulnerability CVE-2023-5631 as a zero-day against European overnmental entities and a think tank.
If you use #NameCheap hosting, a new round of #phishing emails are happening that make it appear you need to respond due to #RoundCube issues. Be careful.
To refresh, recently, there was a major RoundCube hack across the globe with different service providers, not just NameCheap.
The round that is going on now is using the NameCheap logo and color scheme. #infosec#security
Nextcloud's partnership with Roundcube contributes to the broader trend of decentralizing global IT.
@Karlitschek and Thomas Brüderli, head of Roundcube, guide the project towards a new phase, fostering its success as a leading open-source email platform.
We envision a future for #Roundcube centered on user empowerment by welcoming new talent, initiating fresh discussions with contributors, and making new investments.
#Opensource#email pioneer #Roundcube joins the #Nextcloud family
In boosting Nextcloud's #webmail software capabilities, Roundcube is joining Nextcloud as what's been described as a merger. In 2024 Nextcloud is to invest into Roundcube to accelerate the development of this widely-used webmail open-source software. Today's press release says Roundcube will not replace Nextcloud Mail with at least no plans for merging the two in the short-term. https://www.phoronix.com/news/Roundcube-Nextcloud
Oh grosse annonce ! Zaclys a choisi :nextcloud: @nextcloud pour son service Cloud (pour les pros et les particuliers) et #roundcube comme webmail de notre service d'emails ZMail (pour les particuliers).
Roundcube qui goûte un peu de la potion magique de Nextcloud, vous en pensez quoi ?
CISA adds CVE-2023-5631 (Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability, CVSS 5.4 medium severity, disclosed by ESET as an exploited zero-day by APT Winter Vivern) to the Known Exploited Vulnerabilities Catalog.