heise online

Roundcube Webmail: Attacks with forged attachments

IT security researchers have observed attacks on a stored cross-site scripting vulnerability in Roundcube Webmail. An update is available. Attackers are attempting to abuse a security vulnerability in ...
Yahoo

How to install Roundcube webmail on OS X Server

In a previous article, I covered the steps on how to setup and configure the Mail service in OS X Server. While this included the steps to get up and running with email services, it did not address ...
Bleeping Computer

Hacker selling critical Roundcube webmail exploit as tech info disclosed

Hackers are likely starting to exploit CVE-2025-49113, a critical vulnerability in the widely used Roundcube open-source webmail application that allows remote execution. The security issue has been ...
heise online

Roundcube Webmail: Attackers can hijack emails through critical gap

Attackers can exploit several vulnerabilities in Roundcube Webmail and, in the worst case, view emails from victims or even send them in their name. One vulnerability is classified as"critical".
The Hacker News

Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code

Cybersecurity researchers have disclosed details of a critical security flaw in the Roundcube webmail software that has gone unnoticed for a decade and could be exploited to take over susceptible ...
Bleeping Computer

Hackers exploit Roundcube webmail flaw to steal email, credentials

Threat actors have been exploiting a vulnerability in the Roundcube Webmail client to target government organizations in the Commonwealth of Independent States (CIS) region, the successor of the ...
SecurityWeek

Roundcube Webmail Vulnerability Exploited in Government Attack

An XSS vulnerability in Roundcube Webmail has been targeted for code execution against a governmental organization in a CIS country. A threat actor was caught attempting to exploit a recent ...